增加安全控制接口

source/manager/ump-service/src/main/java/com/jd/blockchain/ump/service/SecurityService.java

@@ -0,0 +1,10 @@
+package com.jd.blockchain.ump.service;
+
+import java.util.List;
+
+public interface SecurityService {
+
+    List<String> securityConfigs();
+
+    void init();
+}

source/manager/ump-service/src/main/java/com/jd/blockchain/ump/service/SecurityServiceHandler.java

@@ -0,0 +1,57 @@
+package com.jd.blockchain.ump.service;
+
+import com.jd.blockchain.ump.model.UmpConstant;
+import org.springframework.stereotype.Service;
+
+import java.io.File;
+import java.io.InputStream;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Properties;
+
+@Service
+public class SecurityServiceHandler implements SecurityService {
+
+    static final String SECURITY_FILE = "security.config";
+
+    private List<String> securityConfigs = new ArrayList<>();
+
+    public SecurityServiceHandler() {
+        init();
+    }
+
+    @Override
+    public List<String> securityConfigs() {
+        return securityConfigs;
+    }
+
+    @Override
+    public void init() {
+        try {
+            // 读取配置文件中的内容
+            InputStream currentFileInputStream = SecurityServiceHandler.class.getResourceAsStream(
+                    File.separator + SECURITY_FILE);
+
+            Properties currentProps = new Properties();
+
+            currentProps.load(currentFileInputStream);
+
+            // 将配置文件内容写入securityConfigs
+            write(currentProps);
+        } catch (Exception e) {
+            throw new IllegalStateException(e);
+        }
+    }
+
+    private void write(Properties currentProps) {
+        // 获取ROLES
+        String roles = currentProps.getProperty(UmpConstant.SECURITY_ROLES, "");
+
+        if (roles.length() > 0) {
+
+
+
+
+        }
+    }
+}

source/manager/ump-service/src/main/resources/security.config

@@ -0,0 +1,17 @@
+security.roles=DEFAULT, ADMIN, MANAGER, GUEST
+
+security.role.DEFAULT.ledger-privileges=REGISTER_USER, REGISTER_DATA_ACCOUNT
+
+security.role.DEFAULT.tx-privileges=DIRECT_OPERATION, CONTRACT_OPERATION
+
+security.role.ADMIN.ledger-privileges=CONFIGURE_ROLES, AUTHORIZE_USER_ROLES, SET_CONSENSUS, SET_CRYPTO, REGISTER_PARTICIPANT, REGISTER_USER
+
+security.role.ADMIN.tx-privileges=DIRECT_OPERATION
+
+security.role.MANAGER.ledger-privileges=CONFIGURE_ROLES, AUTHORIZE_USER_ROLES, REGISTER_USER, REGISTER_DATA_ACCOUNT, REGISTER_CONTRACT, UPGRADE_CONTRACT, SET_USER_ATTRIBUTES, WRITE_DATA_ACCOUNT
+
+security.role.MANAGER.tx-privileges=DIRECT_OPERATION, CONTRACT_OPERATION
+
+security.role.GUEST.ledger-privileges=
+
+security.role.GUEST.tx-privileges=CONTRACT_OPERATION