【科翔】【MES对接】【接口配置完善、文档完善】

src/main/java/com/uas/eis/controller/ERPController.java

@@ -12,6 +12,7 @@ import com.uas.eis.sdk.entity.ApiResult;
 import com.uas.eis.sdk.resp.ApiResponse;
 import com.uas.eis.service.EAPICommonService;
 import com.uas.eis.service.EAPIDataService;
+import com.uas.eis.utils.StringUtil;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.web.bind.annotation.RequestBody;
@@ -49,49 +50,61 @@ public class ERPController {
         apiReq.setTimestamp(request.getHeader("Timestamp"));
         apiReq.setRequestId(request.getHeader("RequestId"));
         apiReq.setSignature(request.getHeader("Signature"));
-        Employee employee = eAPICommonService.loginEmp(apiReq);
-        if(employee == null){
-            ApiResult apiResult = new ApiResult();
-            apiResult.setCode(ErrorMessage.EMP_ILLEGAL.getCode());
-            apiResult.setMessage(ErrorMessage.EMP_ILLEGAL.getMessage());
-            apiResult.setRequestId(apiReq.getRequestId());
-            throw new ApiSystemException(apiResult);
-        }else {
-            employee.setEm_name("API("+apiReq.getAccessKey()+")");
-            employee.setEm_type("admin");
-            employee.setEm_class("admin_virtual");
+        apiReq.setfCode(request.getHeader("fCode"));
+        if(!StringUtil.hasText(apiReq.getCode())){
+            return ApiResponse.failRsp(ErrorMessage.APITYPESET_NOTFOUND.getCode(),request.getHeader("RequestId"),ErrorMessage.APITYPESET_NOTFOUND.getMessage());
         }
         try {
             BusinessType bus = BusinessType.valueOf(apiReq.getCode());
             apiReq.setBusinessType(bus);
-            apiReq.setEmployee(employee);
             request.getSession().setAttribute("language", "zh_CN");
         }catch (Exception e){
             e.printStackTrace();
-            return ApiResponse.failRsp(ErrorMessage.APITYPE_ILLEGAL.getCode(),request.getHeader("RequestId"),ErrorMessage.APITYPE_ILLEGAL.getMessage());
+            return ApiResponse.failRsp(ErrorMessage.APITYPESET_NOTFOUND.getCode(),request.getHeader("RequestId"),ErrorMessage.APITYPESET_NOTFOUND.getMessage());
         }
-        //切账套
-        if(apiReq.getfCode() == null){
-            return ApiResponse.failRsp(ErrorMessage.MASTER_EMPTY.getCode(),request.getHeader("RequestId"),ErrorMessage.MASTER_EMPTY.getMessage());
+        if(baseDao.checkIf("MESAPI_FAC","FCODE='"+apiReq.getfCode()+"' and ACCESSKEY = '"+apiReq.getAccessKey()+"' and OPENALL = 0")) {
+            if(!baseDao.checkIf("MESAPI_FAC_FUNC","FCODE='"+apiReq.getfCode()+"' and ACCESSKEY = '"+apiReq.getAccessKey()+"' and upper(FUNC) = '"+apiReq.getCode().toUpperCase()+"' and ENABLED = 1")) {
+                return ApiResponse.failRsp(ErrorMessage.APITYPE_DISABLED.getCode(),request.getHeader("RequestId"),String.format(ErrorMessage.APITYPE_DISABLED.getMessage(),apiReq.getCode().toUpperCase()));
+            }
+        }
+        Employee employee = new Employee();
+        employee.setEm_code(apiReq.getAccessKey());
+        employee.setEm_name("API("+apiReq.getAccessKey()+")");
+        employee.setEm_type("admin");
+        employee.setEm_class("admin_virtual");
+        apiReq.setEmployee(employee);
+        //账套
+        String toSp = StringUtil.nvl(baseDao.getFieldDataByCondition("MESAPI_FAC", "nvl(upper(max(MACODE)),'')", "FCODE='"+apiReq.getfCode()+"' and ACCESSKEY = '"+apiReq.getAccessKey()+"'"),"");
+        if(toSp.length()==0){
+            return ApiResponse.failRsp(ErrorMessage.FAC_EMPTY.getCode(),request.getHeader("RequestId"),String.format(ErrorMessage.FAC_EMPTY.getMessage(),apiReq.getfCode().toUpperCase()));
         }
-        String toSp = String.valueOf(apiReq.getfCode()).toUpperCase();
+        apiReq.setmCode(toSp);
         String fromSp = SpObserver.getSp();
         if(fromSp==null&&username!=null){
             fromSp = username;
             SpObserver.putSp(fromSp);
         }
-        if(!fromSp.equals(toSp)){
-            if(!baseDao.checkIf(username+".master","ma_user = '"+toSp+"'")){
-                return ApiResponse.failRsp(ErrorMessage.MASTER_ILLEGAL.getCode(),request.getHeader("RequestId"),String.format(ErrorMessage.MASTER_ILLEGAL.getMessage(),toSp));
+        ApiResult<Map<String, Object>> res = new ApiResult<>();
+        try {
+            if(!fromSp.equals(toSp)){
+                SpObserver.putSp(toSp);
             }
-            if(!baseDao.checkIf(username+".master","ma_user = '"+toSp+"' and nvl(ma_enableapi,0) = 1")){
-                return ApiResponse.failRsp(ErrorMessage.MASTER_DISABLED.getCode(),request.getHeader("RequestId"),String.format(ErrorMessage.MASTER_DISABLED.getMessage(),toSp));
+            res = eapiDataService.dockingOrders(apiReq);
+        }catch (Exception e){
+            e.printStackTrace();
+            //记录处理失败 e.cause.toString()
+            String errorMsg = null;
+            if(e.getCause() != null){
+                errorMsg = e.getCause().getMessage();
+            }
+            if(errorMsg == null){
+                errorMsg = (StringUtil.hasText(e.getMessage())) ? e.getMessage() : ErrorMessage.BUSINESS_ILLEGAL.getMessage();
+            }
+            return ApiResponse.failRsp(ErrorMessage.BUSINESS_ILLEGAL.getCode(),apiReq.getRequestId(),errorMsg);
+        }finally {
+            if(!fromSp.equals(toSp)){
+                SpObserver.putSp(fromSp);
             }
-            SpObserver.putSp(toSp);
-        }
-        ApiResult<Map<String, Object>> res = eapiDataService.dockingOrders(apiReq);
-        if(!fromSp.equals(toSp)){
-            SpObserver.putSp(fromSp);
         }
         return res;
     }

src/main/java/com/uas/eis/core/support/ApiSignLoginInterceptor.java

@@ -28,10 +28,9 @@ public class ApiSignLoginInterceptor extends HandlerInterceptorAdapter {
     private static final String TIMESTAMP_KEY = "Timestamp";
     private static final String SIGN_KEY = "Signature";
     private static final String RequestId = "RequestId";
-    private static Map<String,String> tokenConfig = TokenProperties.getAllProperty();
+    private static final String FCODE = "fCode";//工厂代码
     private final Logger logger = LoggerFactory.getLogger(this.getClass());
 
-
     @Override
     public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
         logger.info(String.format("Content-Type:%s,URI:%s,Header:%s,bodyparam:%s"
@@ -46,13 +45,12 @@ public class ApiSignLoginInterceptor extends HandlerInterceptorAdapter {
         String accessKey = request.getHeader(ACCESS_KEY);
         String requestId = request.getHeader(RequestId);
         String originSign = request.getHeader(SIGN_KEY);
-        Object accessSecret_O = baseDao.getFieldDataByCondition("EMPLOYEE", "EM_APISECRET", "EM_CODE='" + accessKey + "' and nvl(EM_ISAPI,0)<>0");
-        String accessSecret = accessSecret_O == null ? "" : accessSecret_O.toString();
+        String fCode = request.getHeader(FCODE);
         logger.info("timestamp=="+timestamp);
         logger.info("accessKey=="+accessKey);
         logger.info("requestId=="+requestId);
         logger.info("originSign=="+originSign);
-
+        logger.info("fCode=="+fCode);
         if (StringUtils.isEmpty(requestId)) {
             ApiResult apiResult = new ApiResult();
             apiResult.setCode(ErrorMessage.REQUESTID_ILLEGAL.getCode());
@@ -67,16 +65,6 @@ public class ApiSignLoginInterceptor extends HandlerInterceptorAdapter {
             apiResult.setRequestId(requestId);
             throw new ApiSystemException(apiResult);
         }
-
-        // 检查KEY是否合理
-        if (StringUtils.isEmpty(accessKey) || StringUtils.isEmpty(accessSecret)) {
-            ApiResult apiResult = new ApiResult();
-            apiResult.setCode(ErrorMessage.ACCESSKEY_ILLEGAL.getCode());
-            apiResult.setMessage(ErrorMessage.ACCESSKEY_ILLEGAL.getMessage());
-            apiResult.setRequestId(requestId);
-            throw new ApiSystemException(apiResult);
-        }
-
         Long ts = Long.valueOf(timestamp);
         // 禁止超时签名
         if (System.currentTimeMillis() - ts > SIGN_EXPIRED_TIME) {
@@ -87,7 +75,50 @@ public class ApiSignLoginInterceptor extends HandlerInterceptorAdapter {
             System.out.println(System.currentTimeMillis());
             throw new ApiSystemException(apiResult);
         }
-
+        if (StringUtils.isEmpty(accessKey)) {
+            ApiResult apiResult = new ApiResult();
+            apiResult.setCode(ErrorMessage.ACCESSKEY_ILLEGAL.getCode());
+            apiResult.setMessage(ErrorMessage.ACCESSKEY_ILLEGAL.getMessage());
+            apiResult.setRequestId(requestId);
+            throw new ApiSystemException(apiResult);
+        }
+        //判断工厂
+        if(StringUtils.isEmpty(fCode)) {
+            ApiResult apiResult = new ApiResult();
+            apiResult.setCode(ErrorMessage.FAC_EMPTY.getCode());
+            apiResult.setMessage(ErrorMessage.FAC_EMPTY.getMessage());
+            apiResult.setRequestId(requestId);
+            throw new ApiSystemException(apiResult);
+        }
+        if(!baseDao.checkIf("MESAPI_FAC","FCODE='"+fCode+"' and ACCESSKEY = '"+accessKey+"' and MACODE is not null and APISECRET is not null ")) {
+            ApiResult apiResult = new ApiResult();
+            apiResult.setCode(ErrorMessage.FAC_ILLEGAL.getCode());
+            apiResult.setMessage(String.format(ErrorMessage.FAC_ILLEGAL.getMessage(),fCode));
+            apiResult.setRequestId(requestId);
+            throw new ApiSystemException(apiResult);
+        }
+        if(!baseDao.checkIf("MESAPI_FAC","FCODE='"+fCode+"' and ACCESSKEY = '"+accessKey+"' and ENABLED = 1 ")) {
+            ApiResult apiResult = new ApiResult();
+            apiResult.setCode(ErrorMessage.FAC_DISABLED.getCode());
+            apiResult.setMessage(String.format(ErrorMessage.FAC_DISABLED.getMessage(),fCode));
+            apiResult.setRequestId(requestId);
+            throw new ApiSystemException(apiResult);
+        }
+        if(!baseDao.checkIf("MESAPI_FAC,master","ma_user = MACODE and FCODE='"+fCode+"' and ACCESSKEY = '"+accessKey+"'")){
+            ApiResult apiResult = new ApiResult();
+            apiResult.setCode(ErrorMessage.FAC_ILLEGAL.getCode());
+            apiResult.setMessage(String.format(ErrorMessage.FAC_ILLEGAL.getMessage(),fCode));
+            apiResult.setRequestId(requestId);
+            throw new ApiSystemException(apiResult);
+        }
+        String accessSecret = baseDao.getFieldDataByCondition("MESAPI_FAC", "nvl(max(APISECRET),'')", "FCODE='"+fCode+"' and ACCESSKEY = '"+accessKey+"' and ENABLED = 1 ").toString();
+        if (StringUtils.isEmpty(accessSecret)) {
+            ApiResult apiResult = new ApiResult();
+            apiResult.setCode(ErrorMessage.ACCESSKEY_ILLEGAL.getCode());
+            apiResult.setMessage(ErrorMessage.ACCESSKEY_ILLEGAL.getMessage());
+            apiResult.setRequestId(requestId);
+            throw new ApiSystemException(apiResult);
+        }
         if (!verificationSign(accessKey, accessSecret,timestamp,requestId,originSign)) {
             ApiResult apiResult = new ApiResult();
             apiResult.setCode(ErrorMessage.SIGNATURE_ILLEGAL.getCode());

src/main/java/com/uas/eis/entity/ApiReq.java

@@ -12,6 +12,7 @@ public class ApiReq<T> {
     private String code;
 
     private String fCode;//工厂代码
+    private String mCode;//账套
     //传入 数据集
     private ApiData data;
 
@@ -39,6 +40,14 @@ public class ApiReq<T> {
         this.fCode = fCode;
     }
 
+    public String getmCode() {
+        return mCode;
+    }
+
+    public void setmCode(String mCode) {
+        this.mCode = mCode;
+    }
+
     public String getCode() {
         return code;
     }

src/main/java/com/uas/eis/entity/ErrorMessage.java

@@ -13,15 +13,13 @@ public enum ErrorMessage {
     TIMEOUT_ILLEGAL("1003","请求超时"),
     REQUESTID_ILLEGAL("1004","随机字符串不合法"),
     SIGNATURE_ILLEGAL("1005","签名错误"),
-    BUSINESS_ILLEGAL("2001","业务异常"),
-
-    APITYPE_ILLEGAL("1006","接口类型不存在"),
-    EMP_ILLEGAL("1007","登录用户错误或不存在"),
-    APITYPESET_NOTFOUND("1008","接口方法不存在"),
-    BUSDATA_ILLEGAL("1009","接口数据错误"),
-    MASTER_EMPTY("1010","工厂代码为空"),
-    MASTER_ILLEGAL("1011","工厂代码:%s 非法。"),
-    MASTER_DISABLED("1012","工厂:%s 尚未开通对接业务。");
+    APITYPESET_NOTFOUND("1006","接口不存在"),
+    APITYPE_DISABLED("1007","此接口:%s功能未授权启用"),
+    BUSDATA_ILLEGAL("1008","接口数据错误"),
+    FAC_EMPTY("1009","工厂代码为空"),
+    FAC_ILLEGAL("1010","工厂代码:%s 非法。"),
+    FAC_DISABLED("1011","工厂:%s 尚未开通对接业务。"),
+    BUSINESS_ILLEGAL("2001","业务异常");
 
     private String code;
     private String message;

src/main/java/com/uas/eis/service/EAPICommonService.java

@@ -10,8 +10,6 @@ import java.util.Map;
 
 public interface EAPICommonService {
 
-	Employee loginEmp(ApiReq apiReq);
-
 	MesApiLog log(ApiReq apiReq);
 
 	void logSucess(MesApiLog log, String msg);

src/main/java/com/uas/eis/service/Impl/EAPICommonServiceImpl.java

@@ -2,8 +2,6 @@ package com.uas.eis.service.Impl;
 
 import com.uas.eis.dao.BaseDao;
 import com.uas.eis.entity.*;
-import com.uas.eis.exception.ApiSystemException;
-import com.uas.eis.sdk.entity.ApiResult;
 import com.uas.eis.service.EAPICommonService;
 import com.uas.eis.utils.StringUtil;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -18,19 +16,8 @@ public class EAPICommonServiceImpl implements EAPICommonService {
 	@Autowired
 	private BaseDao baseDao;
 	@Override
-	public Employee loginEmp(ApiReq apiReq) {
-		try {
-			Employee employee = baseDao.getJdbcTemplate().queryForObject("select * from employee where em_code=?",
-					new BeanPropertyRowMapper<Employee>(Employee.class),apiReq.getAccessKey());
-			return employee;
-		}catch (Exception e){
-			e.printStackTrace();
-		}
-		return null;
-	}
-	@Override
 	public MesApiLog log(ApiReq apiReq) {
-		apiReq.setLogID(baseDao.getSeqId(apiReq.getfCode()+".MesApiLog_SEQ"));
+		apiReq.setLogID(baseDao.getSeqId(apiReq.getmCode()+".MesApiLog_SEQ"));
 		MesApiLog log = new MesApiLog(apiReq);
 		try {
 			//保存记录

src/main/java/com/uas/eis/service/Impl/EAPIMesBusiness.java

@@ -26,7 +26,6 @@ public class EAPIMesBusiness {
     /**
      * 报废记录
      */
-//    @Transactional
     public ApiResult<Map<String, Object>> createScrap(ApiReq apiReq){
         ApiResult<Map<String, Object>> res = new ApiResult<>();
         ApiData apiData = apiReq.getData();

src/main/resources/README.md

@@ -0,0 +1,63 @@
+# 项目说明
+
+###线上接口文档
+https://doc.ubtob.net/web/#/280?page_id=1529
+
+####代码结构
+- 对接拦截器： 
+
+    ```com.uas.eis.core.support.ApiSignLoginInterceptor```
+    - 主要校验:
+        1. 时间戳、
+        2. AccessKey
+        3. AccessSecret
+        4. 签名
+    
+- 业务接口枚举类：
+
+    ```com.uas.eis.core.enums.BusinessType```
+    
+- 接口controller:
+
+    ```com.uas.eis.controller.ERPController```
+    - 主要功能：
+        - 工厂判断
+        - 接口支持判断
+        - 对外统一对接路径
+- 接口入口:
+
+    ``` com.uas.eis.service.EAPIDataService ``` 
+    
+    ```com.uas.eis.service.Impl.EAPIDataServiceImpl ```
+    - 按照业务枚举类判断调用具体业务层代码
+ - 业务实现：
+ 
+    ```com.uas.eis.service.Impl.EAPIMesBusiness```
+    - 功能清单：
+        - 报废记录写入: createScrap
+####表结构
+- 工厂配置表:  MESAPI_FAC
+
+| 字段 | 字段类型 | 必填 | 默认值 | 说明 |
+|:--- |:--- |:--- |:--- |:---  |
+| FCODE | VARCHAR2(20 BYTE) | 是 |  | 工厂代码 |
+| MACODE | VARCHAR2(20 BYTE) | 是 |  | 账套编号 |
+| ENABLED | NUMBER | 否 | 0  |  是否启用对接(0/1对应：否/是) |
+| ACCESSKEY | VARCHAR2(50 BYTE) | 是 |  | 对接方KEY |
+| APISECRET | VARCHAR2(100 BYTE) | 是 |  | 对接密钥 |
+|OPENALL| NUMBER| Yes| 0 | 启用全部接口方法|
+
+- 工厂接口方法配置表:  MESAPI_FAC_FUNC
+    
+     工厂配置：OPENALL 为0是调用校验
+
+| 字段 | 字段类型 | 必填 | 默认值 | 说明 |
+|:--- |:--- |:--- |:--- |:---  |
+| FCODE | VARCHAR2(20 BYTE) | 是 |  | 工厂代码 |
+| ACCESSKEY | VARCHAR2(50 BYTE) | 是 |  | 对接方KEY |
+| ENABLED | NUMBER | 否 | 0  |  是否启用(0/1对应：否/是) |
+| FUNC | VARCHAR2(50 BYTE) | 是 |  | 方法 |
+| FUNC_DESC | VARCHAR2(100 BYTE) | 是 |  | 方法说明 |
+
+
+