1.增加系统日志。

picc-admin-server/src/main/java/com/jpsoft/picc/advice/PermissionAdvice.java

@@ -1,7 +1,9 @@
 package com.jpsoft.picc.advice;
 
 import com.jpsoft.picc.modules.common.dto.MessageResult;
+import com.jpsoft.picc.modules.sys.entity.SysLog;
 import com.jpsoft.picc.modules.sys.service.PermissionService;
+import com.jpsoft.picc.modules.sys.service.SysLogService;
 import lombok.extern.slf4j.Slf4j;
 import org.aspectj.lang.ProceedingJoinPoint;
 import org.aspectj.lang.annotation.Around;
@@ -18,6 +20,7 @@ import org.springframework.web.context.request.ServletRequestAttributes;
 
 import javax.servlet.http.HttpServletRequest;
 import java.lang.reflect.Method;
+import java.util.Date;
 
 @Slf4j
 @Aspect
@@ -26,6 +29,9 @@ public class PermissionAdvice {
     @Autowired
     private PermissionService permissionService;
 
+    @Autowired
+    private SysLogService sysLogService;
+
     @Pointcut("(execution(public * com.jpsoft.picc..controller.*.*(..)))")
     public void pointcut(){
 
@@ -72,8 +78,15 @@ public class PermissionAdvice {
 
         Object obj = null;
 
+        SysLog sysLog = new SysLog();
+
         if(requestAttrs!=null) {
             HttpServletRequest request = requestAttrs.getRequest();
+            String remoteIP = request.getHeader("remote_addr");
+
+            sysLog.setRemoteIp(remoteIP);
+            sysLog.setUrl(request.getRequestURI());
+
             log.warn("访问地址：" + request.getRequestURL().toString());
             log.warn("path=" + pathBuilder.toString());
 
@@ -90,14 +103,23 @@ public class PermissionAdvice {
 
                 if(args[i] != null) {
                     String value = args[i].toString();
-                    value = value.length() > 255 ? value.substring(0, 255) : value;
+                    value = value.length() > 100 ? value.substring(0, 100) : value;
+
+                    if (parameterNames[i].equals("password")){
+                        value = "******";
+                    }
+
                     argBuilder.append(parameterNames[i] + "=" + value);
                 }
             }
 
-            log.warn(argBuilder.toString());
+//            log.warn(argBuilder.toString());
+            sysLog.setData(argBuilder.toString());
 
             String userId = (String)request.getAttribute("subject");
+            sysLog.setUserId(userId);
+
+            sysLog.setCreateTime(new Date());
 
             boolean existed = permissionService.exist(pathBuilder.toString(), request.getMethod());
 
@@ -109,10 +131,14 @@ public class PermissionAdvice {
                 log.warn("是否许可当前用户访问:" + permitted);
 
                 if(permitted){
+                    sysLog.setRemark("已授权当前用户访问");
+
                     // 执行切入方法
                     obj = point.proceed();
                 }
                 else{
+                    sysLog.setRemark("未授权当前用户访问!");
+
                     MessageResult<String> msgResult = new MessageResult<>();
                     msgResult.setCode(401);
                     msgResult.setResult(false);
@@ -123,6 +149,7 @@ public class PermissionAdvice {
             }
             else{
                 log.warn(pathBuilder.toString() + "未加入权限控制");
+                sysLog.setRemark("当前url未加入权限控制");
 
                 // 执行切入方法
                 obj = point.proceed();
@@ -133,6 +160,10 @@ public class PermissionAdvice {
 
         System.out.println(classType);
         log.warn(String.format("调用类%s方法%s耗时%s毫秒",clazzSimpleName,methodName,elapse));
+        sysLog.setElapse(elapse);
+        sysLog.setPointcut(clazzSimpleName + "->" + methodName);
+
+        sysLogService.insert(sysLog);
 
         return obj;
     }

picc-admin-server/src/main/java/com/jpsoft/picc/modules/sys/controller/LogController.java

@@ -0,0 +1,103 @@
+package com.jpsoft.picc.modules.sys.controller;
+
+import com.github.pagehelper.Page;
+import com.jpsoft.picc.modules.common.utils.PojoUtils;
+import com.jpsoft.picc.modules.common.dto.Sort;
+import com.jpsoft.picc.modules.common.dto.MessageResult;
+import com.jpsoft.picc.modules.sys.entity.SysLog;
+import com.jpsoft.picc.modules.sys.service.SysLogService;
+import io.swagger.annotations.Api;
+import io.swagger.annotations.ApiImplicitParam;
+import io.swagger.annotations.ApiImplicitParams;
+import io.swagger.annotations.ApiOperation;
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.format.annotation.DateTimeFormat;
+import org.springframework.web.bind.annotation.*;
+
+import javax.servlet.http.HttpServletRequest;
+import java.text.SimpleDateFormat;
+import java.util.*;
+
+@RestController
+@RequestMapping("/sys/log")
+@Api(description = "系统日志")
+public class LogController {
+    private Logger logger = LoggerFactory.getLogger(getClass());
+
+    @Autowired
+    private SysLogService sysLogService;
+
+    @ApiOperation(value="列表")
+    @ApiImplicitParams({
+            @ApiImplicitParam(name = "userId",value = "用户编号", paramType = "form"),
+            @ApiImplicitParam(name = "url",value = "url",  paramType = "form"),
+            @ApiImplicitParam(name = "remoteIP",value = "远程IP", paramType="form"),
+            @ApiImplicitParam(name = "startTime",value = "开始时间", paramType="form"),
+            @ApiImplicitParam(name = "endTime",value = "结束时间", paramType="form"),
+            @ApiImplicitParam(name = "elapseMin",value = "耗时大于（毫秒）", paramType="form"),
+            @ApiImplicitParam(name = "elapseMax",value = "耗时小于（毫秒）", paramType="form"),
+            @ApiImplicitParam(name = "pointcut",value = "切入口", paramType="form"),
+            @ApiImplicitParam(name = "remoteIP",value = "远程IP", paramType="form")
+    })
+    @RequestMapping(value = "pageList",method = RequestMethod.POST)
+    public MessageResult<Map> pageList(
+            String userId,
+            String url,
+            String remoteIP,
+            Long elapseMin,
+            Long elapseMax,
+            String pointcut,
+            @DateTimeFormat(pattern = "yyyy-MM-dd HH:mm") Date startTime,
+            @DateTimeFormat(pattern = "yyyy-MM-dd HH:mm") Date endTime,
+            @RequestParam(value="pageIndex",defaultValue="1") int pageIndex,
+            @RequestParam(value="pageSize",defaultValue="20") int pageSize){
+        MessageResult<Map> msgResult = new MessageResult<>();
+
+        Map<String,Object> searchParams = new HashMap<>();
+
+        List<Sort> sortList = new ArrayList<>();
+        sortList.add(new Sort("create_time","desc"));
+
+        if (StringUtils.isNotEmpty(userId)) {
+            searchParams.put("userId",userId);
+        }
+
+        if (StringUtils.isNotEmpty(url)) {
+            searchParams.put("url","%" + url + "%");
+        }
+
+        if (StringUtils.isNotEmpty(remoteIP)) {
+            searchParams.put("remoteIP","%" + remoteIP + "%");
+        }
+
+        if (StringUtils.isNotEmpty(pointcut)) {
+            searchParams.put("pointcut","%" + pointcut + "%");
+        }
+
+        if (startTime!=null) {
+            searchParams.put("startTime",startTime);
+        }
+
+        if (endTime!=null) {
+            searchParams.put("endTime",endTime);
+        }
+
+        if (elapseMin!=null){
+            searchParams.put("elapseMin",elapseMin);
+        }
+
+        if (elapseMax!=null){
+            searchParams.put("elapseMax",elapseMax);
+        }
+
+        Page<SysLog> page = sysLogService.pageSearch(searchParams,pageIndex,pageSize,sortList);
+
+        msgResult.setResult(true);
+        msgResult.setData(PojoUtils.pageWrapper(page));
+
+        return msgResult;
+    }
+}

picc-common/src/main/java/com/jpsoft/picc/modules/sys/dao/SysLogDAO.java

@@ -0,0 +1,18 @@
+package com.jpsoft.picc.modules.sys.dao;
+
+import java.util.List;
+import org.springframework.stereotype.Repository;
+import com.jpsoft.picc.modules.sys.entity.SysLog;
+import java.util.Map;
+import com.jpsoft.picc.modules.common.dto.Sort;
+
+@Repository
+public interface SysLogDAO {
+	int insert(SysLog entity);
+	int update(SysLog entity);
+	int exist(Long id);
+	SysLog get(Long id);
+	int delete(Long id);
+	List<SysLog> list();
+	List<SysLog> search(Map<String, Object> searchParams, List<Sort> sortList);
+}

picc-common/src/main/java/com/jpsoft/picc/modules/sys/service/SysLogService.java

@@ -0,0 +1,17 @@
+package com.jpsoft.picc.modules.sys.service;
+
+import java.util.List;
+import java.util.Map;
+import com.jpsoft.picc.modules.sys.entity.SysLog;
+import com.github.pagehelper.Page;
+import com.jpsoft.picc.modules.common.dto.Sort;
+
+public interface SysLogService {
+	SysLog get(Long id);
+	boolean exist(Long id);
+	int insert(SysLog model);
+	int update(SysLog model);
+	int delete(Long id);
+	List<SysLog> list();
+	Page<SysLog> pageSearch(Map<String, Object> searchParams, int pageNum, int pageSize, List<Sort> sortList);
+}

picc-common/src/main/java/com/jpsoft/picc/modules/sys/service/impl/SysLogServiceImpl.java

@@ -0,0 +1,70 @@
+package com.jpsoft.picc.modules.sys.service.impl;
+
+import java.util.List;
+import java.util.Map;
+import java.util.UUID;
+import javax.annotation.Resource;
+import org.springframework.stereotype.Component;
+import org.springframework.transaction.annotation.Transactional;
+import com.jpsoft.picc.modules.sys.dao.SysLogDAO;
+import com.jpsoft.picc.modules.sys.entity.SysLog;
+import com.jpsoft.picc.modules.sys.service.SysLogService;
+import com.github.pagehelper.Page;
+import com.jpsoft.picc.modules.common.dto.Sort;
+import com.github.pagehelper.PageHelper;
+
+@Transactional
+@Component(value="sysLogService")
+public class SysLogServiceImpl implements SysLogService {
+	@Resource(name="sysLogDAO")
+	private SysLogDAO sysLogDAO;
+
+	@Override
+	public SysLog get(Long id) {
+		// TODO Auto-generated method stub
+		return sysLogDAO.get(id);
+	}
+
+	@Override
+	public int insert(SysLog model) {
+		// TODO Auto-generated method stub
+		//model.setId(UUID.randomUUID().toString());
+		
+		return sysLogDAO.insert(model);
+	}
+
+	@Override
+	public int update(SysLog model) {
+		// TODO Auto-generated method stub
+		return sysLogDAO.update(model);		
+	}
+
+	@Override
+	public int delete(Long id) {
+		// TODO Auto-generated method stub
+		return sysLogDAO.delete(id);
+	}
+
+	@Override
+	public boolean exist(Long id) {
+		// TODO Auto-generated method stub
+		int count = sysLogDAO.exist(id);
+		
+		return count > 0 ? true : false;
+	}
+	
+	@Override
+	public List<SysLog> list() {
+		// TODO Auto-generated method stub
+		return sysLogDAO.list();
+	}
+		
+	@Override
+	public Page<SysLog> pageSearch(Map<String, Object> searchParams, int pageNumber, int pageSize,List<Sort> sortList) {
+        Page<SysLog> page = PageHelper.startPage(pageNumber,pageSize).doSelectPage(()->{
+            sysLogDAO.search(searchParams,sortList);
+        });
+        
+        return page;
+	}
+}

picc-common/src/main/resources/mapper/sys/SysLog.xml

@@ -0,0 +1,110 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
+        "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+<!-- namespace必须指向DAO接口 -->
+<mapper namespace="com.jpsoft.picc.modules.sys.dao.SysLogDAO">
+    <resultMap id="SysLogMap" type="com.jpsoft.picc.modules.sys.entity.SysLog">
+        <id property="id" column="id_"/>
+        <result property="remoteIp" column="remote_ip"/>
+        <result property="url" column="url_"/>
+        <result property="data" column="data_"/>
+        <result property="userId" column="user_id"/>
+        <result property="createTime" column="create_time"/>
+        <result property="remark" column="remark_"/>
+        <result property="elapse" column="elapse_"/>
+        <result property="pointcut" column="pointcut_"/>
+    </resultMap>
+    <insert id="insert" parameterType="com.jpsoft.picc.modules.sys.entity.SysLog">
+        <!--
+        <selectKey resultType="java.lang.String" order="BEFORE" keyProperty="id">
+            select sys_guid() from dual
+        </selectKey>
+        -->
+        <![CDATA[
+		insert into sys_log
+	    (remote_ip,url_,data_,user_id,create_time,remark_,elapse_,pointcut_)
+		values
+		(
+            #{remoteIp,jdbcType=VARCHAR}
+            ,#{url,jdbcType=VARCHAR}
+            ,#{data,jdbcType=VARCHAR}
+            ,#{userId,jdbcType=VARCHAR}
+            ,#{createTime,jdbcType= TIMESTAMP }
+            ,#{remark,jdbcType=VARCHAR}
+            ,#{elapse,jdbcType=NUMERIC}
+            ,#{pointcut,jdbcType=VARCHAR}
+		)
+	]]>
+    </insert>
+    <delete id="delete" parameterType="string">
+        delete from sys_log where id_=#{id,jdbcType=VARCHAR}
+    </delete>
+    <update id="update" parameterType="com.jpsoft.picc.modules.sys.entity.SysLog">
+        update sys_log
+        <set>
+            <if test="remoteIp!=null">
+                remote_ip=#{remoteIp,jdbcType=VARCHAR},
+            </if>
+            <if test="url!=null">
+                url_=#{url,jdbcType=VARCHAR},
+            </if>
+            <if test="data!=null">
+                data_=#{data,jdbcType=VARCHAR},
+            </if>
+            <if test="userId!=null">
+                user_id=#{userId,jdbcType=VARCHAR},
+            </if>
+            <if test="createTime!=null">
+                create_time=#{createTime,jdbcType= TIMESTAMP },
+            </if>
+        </set>
+        where id_=#{id}
+    </update>
+    <select id="get" parameterType="string" resultMap="SysLogMap">
+        select * from sys_log where id_=#{0}
+    </select>
+    <select id="exist" parameterType="string" resultType="int">
+        select count(*) from sys_log where id_=#{0}
+    </select>
+    <select id="list" resultMap="SysLogMap">
+        select * from sys_log
+    </select>
+    <select id="search" parameterType="hashmap" resultMap="SysLogMap">
+        <![CDATA[
+			select * from sys_log
+		]]>
+        <where>
+            <if test="searchParams.userId != null">
+                and user_id = #{searchParams.userId}
+            </if>
+            <if test="searchParams.remoteIP != null">
+                and remote_ip like #{searchParams.remoteIP}
+            </if>
+            <if test="searchParams.url != null">
+                and url_ like #{searchParams.url}
+            </if>
+            <if test="searchParams.pointcut != null">
+                and pointcut_ like #{searchParams.pointcut}
+            </if>
+            <if test="searchParams.startTime != null">
+                and create_time >= #{searchParams.startTime}
+            </if>
+            <if test="searchParams.endTime != null">
+                <![CDATA[
+                    and create_time <= #{searchParams.endTime}
+                ]]>
+            </if>
+            <if test="searchParams.elapseMin != null">
+                and elapse_ >= #{searchParams.elapseMin}
+            </if>
+            <if test="searchParams.elapseMax != null">
+                <![CDATA[
+                    and elapse_ <= #{searchParams.elapseMax}
+                ]]>
+            </if>
+        </where>
+        <foreach item="sort" collection="sortList" open="order by" separator=",">
+            ${sort.name} ${sort.order}
+        </foreach>
+    </select>
+</mapper>

picc-enterprise-server/src/main/java/com/jpsoft/picc/advice/PermissionAdvice.java

@@ -0,0 +1,140 @@
+package com.jpsoft.picc.advice;
+
+import com.jpsoft.picc.modules.common.dto.MessageResult;
+import com.jpsoft.picc.modules.sys.entity.SysLog;
+import com.jpsoft.picc.modules.sys.service.PermissionService;
+import com.jpsoft.picc.modules.sys.service.SysLogService;
+import lombok.extern.slf4j.Slf4j;
+import org.aspectj.lang.ProceedingJoinPoint;
+import org.aspectj.lang.annotation.Around;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.annotation.Pointcut;
+import org.aspectj.lang.reflect.MethodSignature;
+import org.jasig.cas.client.authentication.AttributePrincipal;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import javax.servlet.http.HttpServletRequest;
+import java.lang.reflect.Method;
+import java.util.Date;
+
+@Slf4j
+@Aspect
+@Component
+public class PermissionAdvice {
+    @Autowired
+    private SysLogService sysLogService;
+
+    @Pointcut("(execution(public * com.jpsoft.picc..controller.*.*(..)))")
+    public void pointcut(){
+
+    }
+
+    @Around("pointcut()")
+    public Object around(ProceedingJoinPoint point) throws Throwable {
+        long start = System.currentTimeMillis();
+
+        String classType = point.getTarget().getClass().getName();
+        Class<?> clazz = Class.forName(classType);
+        String clazzSimpleName = clazz.getSimpleName();
+        MethodSignature methodSignature = (MethodSignature) point.getSignature();
+        String methodName = methodSignature.getName();
+
+        // 通过正则表达式判断当前url是否符合
+        //PathMatcher matcher = new AntPathMatcher();
+
+        StringBuilder pathBuilder = new StringBuilder();
+
+        //查询类的RequestMapping注解
+        RequestMapping classMapping = clazz.getAnnotation(RequestMapping.class);
+
+        if(classMapping != null && classMapping.value().length>0){
+            pathBuilder.append(classMapping.value()[0]);
+        }
+
+        //查询方法的RequestMapping注解
+        Method method = methodSignature.getMethod();
+
+        RequestMapping methodMapping = method.getAnnotation(RequestMapping.class);
+
+        if(methodMapping != null && methodMapping.value().length>0){
+            String subPath = methodMapping.value()[0];
+
+            if(!subPath.startsWith("/")){
+                pathBuilder.append("/");
+            }
+
+            pathBuilder.append(subPath);
+        }
+
+        ServletRequestAttributes requestAttrs = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
+
+        Object obj = null;
+
+        SysLog sysLog = new SysLog();
+
+        if(requestAttrs!=null) {
+            HttpServletRequest request = requestAttrs.getRequest();
+            String remoteIP = request.getHeader("remote_addr");
+
+            sysLog.setRemoteIp(remoteIP);
+            sysLog.setUrl(request.getRequestURI());
+
+            log.warn("访问地址：" + request.getRequestURL().toString());
+            log.warn("path=" + pathBuilder.toString());
+
+            //1.这里获取到所有的参数值的数组
+            Object[] args = point.getArgs();
+            String[] parameterNames = methodSignature.getParameterNames();
+
+            StringBuilder argBuilder = new StringBuilder();
+
+            for (int i = 0;i<Math.min(args.length, parameterNames.length);i++) {
+                if (argBuilder.length()!=0){
+                    argBuilder.append("&");
+                }
+
+                if(args[i] != null) {
+                    String value = args[i].toString();
+                    value = value.length() > 100 ? value.substring(0, 100) : value;
+
+                    if (parameterNames[i].equals("password")){
+                        value = "******";
+                    }
+
+                    argBuilder.append(parameterNames[i] + "=" + value);
+                }
+            }
+
+//            log.warn(argBuilder.toString());
+            sysLog.setData(argBuilder.toString());
+
+            AttributePrincipal principal = (AttributePrincipal) request.getUserPrincipal();
+
+            if(principal!=null) {
+                String userId = principal.getName();
+                sysLog.setUserId(userId);
+            }
+
+            sysLog.setCreateTime(new Date());
+
+            // 执行切入方法
+            obj = point.proceed();
+        }
+
+        long elapse = System.currentTimeMillis() - start;
+
+        System.out.println(classType);
+        log.warn(String.format("调用类%s方法%s耗时%s毫秒",clazzSimpleName,methodName,elapse));
+
+        sysLog.setElapse(elapse);
+        sysLog.setPointcut(clazzSimpleName + "->" + methodName);
+
+        sysLogService.insert(sysLog);
+
+        return obj;
+    }
+}

picc-enterprise-server/src/main/java/com/jpsoft/picc/modules/auth/controller/InsurancePolicyUserController.java

@@ -317,7 +317,6 @@ public class InsurancePolicyUserController {
                 }
             }
 
-
             if (affectCount > 0) {
                 msgResult.setResult(true);
                 msgResult.setData("成功导入" + affectCount + "条记录。");
@@ -355,6 +354,7 @@ public class InsurancePolicyUserController {
 
             insurancePolicyMember.setReplaceMemberId(srcMemberId);
             insurancePolicyMember.setMemberId(destMemberId);
+            insurancePolicyMember.setStatus("0"); //替换后设为未审核
             insurancePolicyMember.setUpdateBy(principal.getName());
             insurancePolicyMember.setUpdateTime(new Date());