package com.wizriver.config;
import java.util.HashSet;
import java.util.Set;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.dao.DataAccessException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.GrantedAuthorityImpl;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import com.wizriver.entity.beans.VgAuthority;
import com.wizriver.entity.beans.VgRole;
import com.wizriver.entity.beans.VgUser;
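/**
 * Implements Spring Security's {@link UserDetailsService}: the callback that loads the
 * details of the user who is trying to authenticate.
 *
 * @author calvin
 */
@Service
@Transactional(readOnly = true)
public class UserDetailsServiceImpl implements UserDetailsService {

    private SecurityEntityManager securityEntityManager;

    /**
     * Injects the manager used to look users up by login name.
     *
     * @param securityEntityManager the lookup component to use
     */
    @Autowired
    public void setSecurityEntityManager(SecurityEntityManager securityEntityManager) {
        this.securityEntityManager = securityEntityManager;
    }

    /**
     * Loads the user with the given login name and returns it as a {@link UserDetails}
     * carrying the authorities collected from all of the user's roles.
     *
     * @param userName the login name submitted for authentication
     * @return a new {@code VgUser} built from the stored user and its authorities
     * @throws UsernameNotFoundException if no user has that login name
     * @throws DataAccessException declared for the lookup; not thrown directly here
     */
    public UserDetails loadUserByUsername(String userName) throws UsernameNotFoundException, DataAccessException {
        VgUser user = securityEntityManager.findUserByLoginName(userName);
        if (user == null) {
            // The message embeds the caller-supplied login name. NOTE(review): make sure it is
            // never echoed to the client (it would confirm which accounts exist) and that log
            // sinks escape it; Spring's DaoAuthenticationProvider hides this exception behind
            // BadCredentialsException only while hideUserNotFoundExceptions is left enabled.
            throw new UsernameNotFoundException("用户" + userName + " 不存在");
        }

        // All four account-status flags are hard-coded to true, so every account that exists
        // is reported as enabled, unexpired and unlocked.
        // NOTE(review): if VgUser exposes these values through the UserDetails getters, a
        // disabled or locked account can still log in. Map the flags from persisted account
        // state if the user table records it - TODO confirm against VgUser.
        boolean enabled = true;
        boolean accountNonExpired = true;
        boolean credentialsNonExpired = true;
        boolean accountNonLocked = true;

        Set<GrantedAuthority> gas = grantedAuthorities(user);
        return new VgUser(user.getId(), user.getLoginName(), user.getRealName(), user.getNickname(),
                user.getPassword(), enabled, accountNonExpired, credentialsNonExpired, accountNonLocked, gas);
    }

    /**
     * Returns the authorities of all of the user's roles as an array.
     *
     * @param user the user whose roles are inspected
     * @return the de-duplicated authorities, in no particular order
     */
    private GrantedAuthority[] obtainGrantedAuthorities(VgUser user) {
        // Delegates so that the array and set variants cannot drift apart.
        Set<GrantedAuthority> authSet = grantedAuthorities(user);
        return authSet.toArray(new GrantedAuthority[authSet.size()]);
    }

    /**
     * Collects the authorities of all of the user's roles into a set.
     * Only authority names are granted; role names themselves are not added.
     *
     * @param user the user whose roles are inspected
     * @return the de-duplicated authorities; empty when the user has no roles
     */
    private Set<GrantedAuthority> grantedAuthorities(VgUser user) {
        Set<GrantedAuthority> authSet = new HashSet<GrantedAuthority>();
        // Fail closed: a missing role or authority list grants nothing instead of turning
        // the login attempt into a NullPointerException.
        if (user.getRoleList() == null) {
            return authSet;
        }
        for (VgRole role : user.getRoleList()) {
            if (role == null || role.getAuthorityList() == null) {
                continue;
            }
            for (VgAuthority authority : role.getAuthorityList()) {
                authSet.add(new GrantedAuthorityImpl(authority.getName()));
            }
        }
        return authSet;
    }
}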