diff --git a/source/manager/ump-service/src/main/java/com/jd/blockchain/ump/service/SecurityService.java b/source/manager/ump-service/src/main/java/com/jd/blockchain/ump/service/SecurityService.java
new file mode 100644
index 00000000..0561c740
--- /dev/null
+++ b/source/manager/ump-service/src/main/java/com/jd/blockchain/ump/service/SecurityService.java
@@ -0,0 +1,10 @@
+package com.jd.blockchain.ump.service;
+
+import java.util.List;
+
+public interface SecurityService {
+
+ List securityConfigs();
+
+ void init();
+}
diff --git a/source/manager/ump-service/src/main/java/com/jd/blockchain/ump/service/SecurityServiceHandler.java b/source/manager/ump-service/src/main/java/com/jd/blockchain/ump/service/SecurityServiceHandler.java
new file mode 100644
index 00000000..577e674f
--- /dev/null
+++ b/source/manager/ump-service/src/main/java/com/jd/blockchain/ump/service/SecurityServiceHandler.java
@@ -0,0 +1,57 @@
+package com.jd.blockchain.ump.service;
+
+import com.jd.blockchain.ump.model.UmpConstant;
+import org.springframework.stereotype.Service;
+
+import java.io.File;
+import java.io.InputStream;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Properties;
+
+@Service
+public class SecurityServiceHandler implements SecurityService {
+
+ static final String SECURITY_FILE = "security.config";
+
+ private List securityConfigs = new ArrayList<>();
+
+ public SecurityServiceHandler() {
+ init();
+ }
+
+ @Override
+ public List securityConfigs() {
+ return securityConfigs;
+ }
+
+ @Override
+ public void init() {
+ try {
+ // 读取配置文件中的内容
+ InputStream currentFileInputStream = SecurityServiceHandler.class.getResourceAsStream(
+ File.separator + SECURITY_FILE);
+
+ Properties currentProps = new Properties();
+
+ currentProps.load(currentFileInputStream);
+
+ // 将配置文件内容写入securityConfigs
+ write(currentProps);
+ } catch (Exception e) {
+ throw new IllegalStateException(e);
+ }
+ }
+
+ private void write(Properties currentProps) {
+ // 获取ROLES
+ String roles = currentProps.getProperty(UmpConstant.SECURITY_ROLES, "");
+
+ if (roles.length() > 0) {
+
+
+
+
+ }
+ }
+}
diff --git a/source/manager/ump-service/src/main/resources/security.config b/source/manager/ump-service/src/main/resources/security.config
new file mode 100644
index 00000000..02345894
--- /dev/null
+++ b/source/manager/ump-service/src/main/resources/security.config
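Review bot: In `init()` the resource name is built with `File.separator`, but classpath resource names always use `/`, so on Windows `getResourceAsStream` returns null and the failure surfaces only as a message-less `IllegalStateException` wrapping the `NullPointerException` from `Properties.load`; the stream is also never closed. Separately, `write()` reads `security.roles` into a local and the body of its `if` is empty, so `securityConfigs()` always returns an empty list, and any consumer that treats this as the role/privilege source gets nothing without an error. `securityConfigs()` also returns the mutable field itself, so any caller can alter the list held by this `@Service` bean; returning an unmodifiable view would prevent that. The rewrite of `init()` below keeps the `IllegalStateException` contract and needs `java.io.IOException` imported.

```java
    @Override
    public void init() {
        // Classpath resource names always use '/', independent of the host OS.
        try (InputStream in = SecurityServiceHandler.class.getResourceAsStream("/" + SECURITY_FILE)) {
            if (in == null) {
                // Fail with a message that names the missing file instead of a bare NPE.
                throw new IllegalStateException("Missing classpath resource: " + SECURITY_FILE);
            }
            Properties currentProps = new Properties();
            currentProps.load(in);
            write(currentProps);
        } catch (IOException e) {
            throw new IllegalStateException("Cannot read " + SECURITY_FILE, e);
        }
    }
```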
@@ -0,0 +1,17 @@
+security.roles=DEFAULT, ADMIN, MANAGER, GUEST
+
+security.role.DEFAULT.ledger-privileges=REGISTER_USER, REGISTER_DATA_ACCOUNT
+
+security.role.DEFAULT.tx-privileges=DIRECT_OPERATION, CONTRACT_OPERATION
+
+security.role.ADMIN.ledger-privileges=CONFIGURE_ROLES, AUTHORIZE_USER_ROLES, SET_CONSENSUS, SET_CRYPTO, REGISTER_PARTICIPANT, REGISTER_USER
+
+security.role.ADMIN.tx-privileges=DIRECT_OPERATION
+
+security.role.MANAGER.ledger-privileges=CONFIGURE_ROLES, AUTHORIZE_USER_ROLES, REGISTER_USER, REGISTER_DATA_ACCOUNT, REGISTER_CONTRACT, UPGRADE_CONTRACT, SET_USER_ATTRIBUTES, WRITE_DATA_ACCOUNT
+
+security.role.MANAGER.tx-privileges=DIRECT_OPERATION, CONTRACT_OPERATION
+
+security.role.GUEST.ledger-privileges=
+
+security.role.GUEST.tx-privileges=CONTRACT_OPERATION
\ No newline at end of file
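Review bot: `security.role.MANAGER.ledger-privileges` grants `CONFIGURE_ROLES` and `AUTHORIZE_USER_ROLES`, the same role-administration privileges ADMIN holds, so unless enforcement elsewhere limits which roles a MANAGER may define or assign, the MANAGER/ADMIN separation is only nominal. If that is not intended, the line could read `security.role.MANAGER.ledger-privileges=REGISTER_USER, REGISTER_DATA_ACCOUNT, REGISTER_CONTRACT, UPGRADE_CONTRACT, SET_USER_ATTRIBUTES, WRITE_DATA_ACCOUNT`. The file has no comments, so it is also unclear which users receive the DEFAULT role and its `REGISTER_USER` and `DIRECT_OPERATION` privileges; a header comment such as `# DEFAULT: applied to <who>; GUEST: contract calls only, no ledger privileges` would record the intent.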