Merge branch 'dev'

epmet-auth/src/main/java/com/epmet/service/impl/GovLoginServiceImpl.java

@@ -152,7 +152,7 @@ public class GovLoginServiceImpl implements GovLoginService {
         }
         StaffLatestAgencyResultDTO staffLatestAgencyResultDTO = latestStaffWechat.getData();
         //2、记录staff_wechat
-        this.savestaffwechat(staffLatestAgencyResultDTO.getStaffId(), wxMaJscode2SessionResult.getOpenid());
+        this.savestaffwechat(staffLatestAgencyResultDTO.getStaffId(), wxMaJscode2SessionResult.getOpenid(), staffLatestAgencyResultDTO.getCustomerId());
         //3、记录登录日志
         this.saveStaffLoginRecord(staffLatestAgencyResultDTO);
         //4、获取用户token
@@ -276,7 +276,7 @@ public class GovLoginServiceImpl implements GovLoginService {
         WxMaJscode2SessionResult wxMaJscode2SessionResult = loginService.getWxMaUser(LoginConstant.APP_GOV, formDTO.getWxCode(), formDTO.getAppId());
 
         //3、记录staff_wechat,并记录用户激活状态，激活时间
-        this.savestaffwechat(customerStaff.getUserId(), wxMaJscode2SessionResult.getOpenid());
+        this.savestaffwechat(customerStaff.getUserId(), wxMaJscode2SessionResult.getOpenid(), formDTO.getCustomerId());
         //4、记录登录日志
         this.saveStaffLoginRecord(formDTO, customerStaff.getUserId(), wxMaJscode2SessionResult.getOpenid());
         //5.1、获取用户token
@@ -401,10 +401,11 @@ public class GovLoginServiceImpl implements GovLoginService {
      * @Description 保存微信和当前登录用户关系
      * @Date 2020/4/18 22:54
      **/
-    private Result savestaffwechat(String userId, String openid) {
+    private Result savestaffwechat(String userId, String openid, String customerId) {
         StaffWechatFormDTO staffWechatFormDTO = new StaffWechatFormDTO();
         staffWechatFormDTO.setUserId(userId);
         staffWechatFormDTO.setWxOpenId(openid);
+        staffWechatFormDTO.setCustomerId(customerId);
         return epmetUserFeignClient.saveStaffWechat(staffWechatFormDTO);
     }
 

epmet-auth/src/main/java/com/epmet/service/impl/SsoServiceImpl.java

@@ -116,6 +116,7 @@ public class SsoServiceImpl implements SsoService {
         userInfoFormDTO.setUid(userInfo.getOpenId());
         userInfoFormDTO.setName(userInfo.getName());
         userInfoFormDTO.setMobile(userInfo.getMobile());
+        userInfoFormDTO.setCustomerId(customerId);
 
         Result<UserDTO> userDTOResult = epmetUserOpenFeignClient.saveUserInfo(userInfoFormDTO);
         if (!userDTOResult.success()){

epmet-auth/src/main/java/com/epmet/service/impl/ThirdLoginServiceImpl.java

@@ -153,7 +153,7 @@ public class ThirdLoginServiceImpl implements ThirdLoginService {
         StaffLatestAgencyResultDTO staffLatestAgencyResultDTO = latestStaffWechat.getData();
 
         //3.记录staff_wechat
-        this.savestaffwechat(staffLatestAgencyResultDTO.getStaffId(), userWechatDTO.getWxOpenId());
+        this.savestaffwechat(staffLatestAgencyResultDTO.getStaffId(), userWechatDTO.getWxOpenId(), staffLatestAgencyResultDTO.getCustomerId());
 
         //4.记录登录日志
         this.saveStaffLoginRecord(staffLatestAgencyResultDTO);
@@ -175,10 +175,11 @@ public class ThirdLoginServiceImpl implements ThirdLoginService {
      * @Author sun
      * @Description 保存微信和当前登录用户关系
      **/
-    private Result savestaffwechat(String userId, String openid) {
+    private Result savestaffwechat(String userId, String openid, String customerId) {
         StaffWechatFormDTO staffWechatFormDTO = new StaffWechatFormDTO();
         staffWechatFormDTO.setUserId(userId);
         staffWechatFormDTO.setWxOpenId(openid);
+        staffWechatFormDTO.setCustomerId(customerId);
         return epmetUserOpenFeignClient.saveStaffWechat(staffWechatFormDTO);
     }
 
@@ -366,7 +367,7 @@ public class ThirdLoginServiceImpl implements ThirdLoginService {
         wxMaJscode2SessionResult.setUnionid("");
         // end
         //3、记录staff_wechat,并记录用户激活状态，激活时间
-        this.savestaffwechat(customerStaff.getUserId(), userWechatDTO.getWxOpenId());
+        this.savestaffwechat(customerStaff.getUserId(), userWechatDTO.getWxOpenId(), formDTO.getCustomerId());
         //4、记录登录日志
         StaffLatestAgencyResultDTO staffLatestAgencyResultDTO = new StaffLatestAgencyResultDTO();
         staffLatestAgencyResultDTO.setCustomerId(formDTO.getCustomerId());

epmet-commons/epmet-commons-mybatis/src/main/java/com/epmet/commons/mybatis/handler/FieldMetaObjectHandler.java

@@ -51,6 +51,7 @@ public class FieldMetaObjectHandler implements MetaObjectHandler {
         Date date = new Date();
         if (metaObject.getOriginalObject() instanceof BaseEpmetEntity) {
             // epmet项目新增的
+            setFieldValByName(FieldConstant.CUSTOMER_ID_HUMP, getCustomerIdByFieldValue(metaObject), metaObject);
             setFieldValByName(FieldConstant.CREATED_TIME_HUMP, getCreatedTimeByFieldValue(metaObject), metaObject);
             setFieldValByName(FieldConstant.CREATED_BY_HUMP, getCreatedByFieldValue(metaObject), metaObject);
             setFieldValByName(FieldConstant.UPDATED_TIME_HUMP, getUpdatedTimeByFieldValue(metaObject), metaObject);
@@ -95,6 +96,13 @@ public class FieldMetaObjectHandler implements MetaObjectHandler {
         return value;
     }
 
+    public Object getCustomerIdByFieldValue(MetaObject metaObject) {
+        if (metaObject.hasSetter(FieldConstant.CUSTOMER_ID_HUMP)) {
+            return loginUserUtil.getLoginUserCustomerId();
+        }
+        return null;
+    }
+
     public Object getCreatedTimeByFieldValue(MetaObject metaObject) {
         Object createdTime = null;
         if (metaObject.hasGetter(FieldConstant.CREATED_TIME_HUMP)) {

epmet-commons/epmet-commons-openapi/pom.xml

@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <parent>
+        <artifactId>epmet-commons</artifactId>
+        <groupId>com.epmet</groupId>
+        <version>2.0.0</version>
+    </parent>
+    <modelVersion>4.0.0</modelVersion>
+
+    <artifactId>epmet-commons-openapi</artifactId>
+
+
+</project>

epmet-commons/epmet-commons-openapi/src/main/java/com/epmet/openapi/constant/AuthTypes.java

@@ -0,0 +1,8 @@
+package com.epmet.openapi.constant;
+
+/**
+ * 认证方式
+ */
+public interface AuthTypes {
+    String TAKE_TOKEN = "take_token";
+}

epmet-commons/epmet-commons-openapi/src/main/java/com/epmet/openapi/constant/InClusterHeaderKeys.java

@@ -0,0 +1,10 @@
+package com.epmet.openapi.constant;
+
+/**
+ * 集群内的Header key
+ */
+public interface InClusterHeaderKeys {
+
+    String APP_ID = "AppId";
+
+}

epmet-commons/epmet-commons-openapi/src/main/java/com/epmet/openapi/constant/RequestParamKeys.java

@@ -0,0 +1,14 @@
+package com.epmet.openapi.constant;
+
+/**
+ * url请求参数key
+ */
+public class RequestParamKeys {
+
+    public static String APP_ID = "app_id";
+    public static String AUTH_TYPE = "auth_type";
+    public static String TIMESTAMP = "timestamp";
+    public static String SIGN = "sign";
+    public static String NONCE = "nonce";
+
+}

epmet-commons/epmet-commons-security/pom.xml

@@ -0,0 +1,26 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <parent>
+        <artifactId>epmet-commons</artifactId>
+        <groupId>com.epmet</groupId>
+        <version>2.0.0</version>
+    </parent>
+    <modelVersion>4.0.0</modelVersion>
+
+    <artifactId>epmet-commons-security</artifactId>
+
+    <dependencies>
+        <dependency>
+            <groupId>com.epmet</groupId>
+            <artifactId>epmet-commons-tools</artifactId>
+            <version>2.0.0</version>
+        </dependency>
+        <dependency>
+            <groupId>io.jsonwebtoken</groupId>
+            <artifactId>jjwt</artifactId>
+            <version>0.7.0</version>
+        </dependency>
+    </dependencies>
+</project>

epmet-commons/epmet-commons-security/src/main/java/com/epmet/commons/security/jwt/JwtUtils.java

@@ -0,0 +1,131 @@
+/**
+ * Copyright (c) 2018 人人开源 All rights reserved.
+ * <p>
+ * https://www.renren.io
+ * <p>
+ * 版权所有，侵权必究！
+ */
+
+package com.epmet.commons.security.jwt;
+
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.SignatureAlgorithm;
+import org.joda.time.DateTime;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+import java.util.Date;
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * Jwt工具类
+ *
+ * @author Mark sunlightcs@gmail.com
+ * @since 1.0.0
+ */
+@Component
+public class JwtUtils {
+    private static final Logger logger = LoggerFactory.getLogger(JwtUtils.class);
+
+    public Claims getClaimByToken(String token, String secret) {
+        try {
+            return Jwts.parser()
+                    .setSigningKey(secret)
+                    .parseClaimsJws(token)
+                    .getBody();
+        } catch (Exception e) {
+            logger.debug("validate is token error, token = " + token, e);
+            return null;
+        }
+    }
+
+    /**
+     * @return java.util.Date
+     * @param token
+     * @Author yinzuomei
+     * @Description 获取token的有效期截止时间
+     * @Date 2020/3/18 22:17
+     **/
+    public Date getExpiration(String token, String secret){
+        try {
+            return Jwts.parser()
+                    .setSigningKey(secret)
+                    .parseClaimsJws(token)
+                    .getBody().getExpiration();
+        } catch (Exception e) {
+            logger.debug("validate is token error, token = " + token, e);
+            return null;
+        }
+    }
+
+    /**
+     * @return java.lang.String
+     * @Author yinzuomei
+     * @Description 根据app+client+userId生成token
+     * @Date 2020/3/18 22:29
+     **/
+    public String createToken(Map<String, Object> claims, int expire, String secret) {
+        return Jwts.builder()
+                .setHeaderParam("typ", "JWT")
+                .setClaims(claims)
+                .setIssuedAt(new Date())
+                .setExpiration(DateTime.now().plusSeconds(expire).toDate())
+                .signWith(SignatureAlgorithm.HS512, secret)
+                .compact();
+    }
+
+    /**
+     * @Description 创建Token
+     * @return Token
+     * @param claims 载荷信息
+     * @param expireTime 过期时间
+     * @param secret 秘钥
+     * @author wxz
+     * @date 2021.03.26 13:33
+    */
+    public String createToken(Map<String, Object> claims, Date expireTime, String secret) {
+        return Jwts.builder()
+                .setHeaderParam("typ", "JWT")
+                .setClaims(claims)
+                .setIssuedAt(new Date())
+                .setExpiration(expireTime)
+                .signWith(SignatureAlgorithm.HS512, secret)
+                .compact();
+    }
+
+    /**
+     * token是否过期
+     *
+     * @return true：过期
+     */
+    public boolean isTokenExpired(Date expiration) {
+        return expiration.before(new Date());
+    }
+
+    public static void main(String[] args) {
+        Map<String, Object> map=new HashMap<>();
+        map.put("app","gov");
+        map.put("client","wxmp");
+        map.put("userId","100526ABC");
+        String tokenStr=Jwts.builder()
+                .setHeaderParam("typ", "JWT")
+                .setClaims(map)
+                .setIssuedAt(new Date())
+                .setExpiration(DateTime.now().plusSeconds(604800).toDate())
+                .signWith(SignatureAlgorithm.HS512, "7016867071f0ebf1c46f123eaaf4b9d6[elink.epmet]")
+                .compact();
+        System.out.println(tokenStr);
+        Claims claims= Jwts.parser()
+                .setSigningKey("7016867071f0ebf1c46f123eaaf4b9d6[elink.epmet]")
+                .parseClaimsJws(tokenStr)
+                .getBody();
+        System.out.println("app="+ claims.get("app"));
+        System.out.println("client="+ claims.get("client"));
+        System.out.println("userId="+ claims.get("userId"));
+    }
+
+}

epmet-commons/epmet-commons-security/src/main/java/com/epmet/commons/security/sign/openapi/OpenApiSignUtils.java

@@ -0,0 +1,109 @@
+package com.epmet.commons.security.sign.openapi;
+
+import com.epmet.commons.tools.utils.Md5Util;
+
+import java.util.*;
+
+/**
+ * OpenApi签名工具
+ */
+public class OpenApiSignUtils {
+
+    /**
+     * @Description 创建签名
+     * @return
+     * @author wxz
+     * @date 2021.03.22 16:47
+    */
+    public static String createSign(Map<String, String> contentMap, String signKey) {
+        String str2beSigned = mapToSignStr(contentMap);
+        str2beSigned = str2beSigned.concat("&sign_key=").concat(signKey);
+        return Md5Util.md5(str2beSigned);
+    }
+
+    /**
+     * @Description 验签
+     * @return
+     * @author wxz
+     * @date 2021.03.22 16:51
+    */
+    public static boolean checkSign(Map<String, String> contentMap, String signKey) {
+        String newSign = createSign(contentMap, signKey);
+        return newSign.equals(contentMap.get("sign"));
+    }
+
+    /**
+     * @Description map转化为签名明文
+     * @return
+     * @author wxz
+     * @date 2021.03.22 16:47
+    */
+    public static String mapToSignStr(Map<String, String> map) {
+        Set<String> keySet = map.keySet();
+        String[] keyArray = (String[])keySet.toArray(new String[keySet.size()]);
+        Arrays.sort(keyArray);
+        StringBuilder sb = new StringBuilder();
+
+        for(int i = 0; i < keyArray.length; ++i) {
+            String key = keyArray[i];
+            String val = (String)map.get(key);
+            if (val != null && val.trim().length() > 0 && !"sign".equals(key)) {
+                if (!sb.toString().isEmpty()) {
+                    sb.append("&");
+                }
+
+                sb.append(key).append("=").append((String)map.get(key));
+            }
+        }
+
+        return sb.toString();
+    }
+
+    public static void main(String[] args) {
+        generateGetAccessTokenSign();
+        System.out.println("==============");
+        generateGetOrgDetailSign();
+    }
+
+    private static void generateGetAccessTokenSign() {
+        long now = System.currentTimeMillis();
+        System.out.println(now);
+
+        String uuid = UUID.randomUUID().toString().replace("-", "");
+
+        HashMap<String, String> content = new HashMap<>();
+        content.put("app_id", "7d98b8af2d05752b4225709c4cfd4bd0");
+        content.put("timestamp", String.valueOf(now));
+        content.put("nonce", uuid);
+        content.put("auth_type", "take_token");
+
+        String secret = "3209ee9f41704482be1a1fb5873a25376f2899191ca846119d44168316bc3e44";
+
+        String sign = createSign(content, secret);
+
+        System.out.println("时间戳:" + now);
+        System.out.println("随机数:" + uuid);
+        System.out.println("签名：" + sign);
+    }
+
+    private static void generateGetOrgDetailSign() {
+        long now = System.currentTimeMillis();
+        String uuid = UUID.randomUUID().toString().replace("-", "");;
+        System.out.println("时间戳:" + now);
+        System.out.println("随机数:" + uuid);
+
+        HashMap<String, String> content = new HashMap<>();
+        //content.put("orgId", "aaa");
+        //content.put("test", null);
+        content.put("gridId", "12128e0f614f1c00a058ea9a107033b2");
+        content.put("app_id", "7d98b8af2d05752b4225709c4cfd4bd0");
+        content.put("timestamp", String.valueOf(now));
+        content.put("nonce", uuid);
+        content.put("auth_type", "take_token");
+
+        String secret = "3209ee9f41704482be1a1fb5873a25376f2899191ca846119d44168316bc3e44";
+
+        String sign = createSign(content, secret);
+        System.out.println("签名：" + sign);
+    }
+}

epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/aspect/BaseRequestLogAspect.java

@@ -77,7 +77,7 @@ public abstract class BaseRequestLogAspect {
             return result;
         } catch (ValidateException e) {
             result = handleValidateException(e);
-            resultErrorLog(transactionSerial, getExecPeriod(startTime), result, e.getMsg(), ExceptionUtils.getErrorStackTrace(e));
+            resultWarnLog(transactionSerial, getExecPeriod(startTime), result, e.getMsg(), ExceptionUtils.getErrorStackTrace(e));
         } catch (DuplicateKeyException e) {
             result = handlerDuplicateKeyException(e);
             resultErrorLog(transactionSerial, getExecPeriod(startTime), result, e.getMessage(), ExceptionUtils.getErrorStackTrace(e));

epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/exception/EpmetErrorCode.java

@@ -149,7 +149,16 @@ public enum EpmetErrorCode {
     TOPIC_IS_CLOSED(9008,"该话题已关闭，无法转为议题"),
 
     CUSTOMER_CATEGORY(9101,"分类已使用，不允许删除"),
-    CATEGORY_NAME(9102,"分类名称已存在，不允许重复");
+    CATEGORY_NAME(9102,"分类名称已存在，不允许重复"),
+
+	// open api异常
+	OPEN_API_UNAUTHENTICATED(10100, "请求未认证"),
+	OPEN_API_TOKEN_EXPIRED(10102, "Token过期"),
+	OPEN_API_PARAMS_MISSING(10103, "参数不完整"),
+	OPEN_API_SIGN_ERROR(10104, "签名错误"),
+	OPEN_API_PARAMS_APPID_DIFF(10105, "app_id不一致"), // app_id在请求参数中和在token中不一致
+	OPEN_API_REQUEST_EXPIRED(10106, "请求过期"),
+	OPEN_API_REQUEST_REPEAT(10107, "请求重复");
 
 	private int code;
 	private String msg;

epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/redis/RedisKeys.java

@@ -380,6 +380,26 @@ public class RedisKeys {
 		return rootPrefix.concat("badge:user:").concat(customerId).concat(":").concat(StringUtils.isBlank(userId) ? "*" : userId);
 	}
 
+	/**
+	 * @Description 获取openApi的accessToken的key
+	 * @return
+	 * @author wxz
+	 * @date 2021.03.23 10:25
+	*/
+	public static String getOpenApiAccessTokenKey(String appId) {
+		return rootPrefix.concat("openapi:accesstoken:").concat(appId);
+	}
+
+	/**
+	 * @Description 获取OpenApi请求随机数nonce
+	 * @return
+	 * @author wxz
+	 * @date 2021.03.24 17:49
+	*/
+	public static String getOpenApiNonceKey(String nonce) {
+		return rootPrefix.concat("openapi:nonce:").concat(nonce);
+	}
+
 	/**
 	 * desc: 根据文件路径获取oss 文件缓存key
 	 *

epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/security/dto/BaseTokenDto.java

@@ -24,6 +24,9 @@ public class BaseTokenDto {
      */
     private String token;
 
+    /**
+     * 客户id
+     */
     private String customerId;
 
     public BaseTokenDto() {

epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/security/dto/GovTokenDto.java

@@ -31,11 +31,6 @@ public class GovTokenDto extends BaseTokenDto implements Serializable {
      */
     private String unionId;
 
-    /**
-     * 当前工作人员进入的客户id
-     */
-    private String customerId;
-
     /**
      * 过期时间戳
      */

epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/security/dto/TokenDto.java

@@ -40,11 +40,6 @@ public class TokenDto extends BaseTokenDto implements Serializable {
 	 */
 	private long updateTime;
 
-	/**
-	 * 当前工作人员进入的客户id
-	 */
-	private String customerId;
-
 	@Override
 	public String toString() {
 		return JSON.toJSONString(this);

epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/security/user/LoginUserUtil.java

@@ -80,6 +80,23 @@ public class LoginUserUtil {
         return client;
     }
 
+    /**
+     * 获取用户customerId
+     * @return
+     */
+    public String getLoginUserCustomerId() {
+        HttpServletRequest request = HttpContextUtils.getHttpServletRequest();
+        if (request == null) {
+            return null;
+        }
+
+        String client = request.getHeader(AppClientConstant.CUSTOMER_ID);
+        if (StringUtils.isBlank(client)) {
+            return null;
+        }
+        return client;
+    }
+
     /**
      * 获取用户的部门ID列表
      * @return

epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/utils/ConvertUtils.java

@@ -12,11 +12,14 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.BeanUtils;
 
+import java.beans.BeanInfo;
+import java.beans.IntrospectionException;
+import java.beans.Introspector;
+import java.beans.PropertyDescriptor;
 import java.lang.reflect.Field;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.List;
-import java.util.Map;
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Method;
+import java.util.*;
 
 /**
  * 转换工具类
@@ -87,4 +90,33 @@ public class ConvertUtils {
         }
         return t;
     }
+
+    /**
+     * @Description entity转map
+     * @return
+     * @author wxz
+     * @date 2021.03.22 16:38
+    */
+    public static Map<String, String> entityToMap(Object bean) throws IntrospectionException, InvocationTargetException, IllegalAccessException {
+        Class<?> type = bean.getClass();
+        Map<String, String> returnMap = new HashMap(16);
+        BeanInfo beanInfo = Introspector.getBeanInfo(type);
+        PropertyDescriptor[] propertyDescriptors = beanInfo.getPropertyDescriptors();
+
+        for(int i = 0; i < propertyDescriptors.length; ++i) {
+            PropertyDescriptor descriptor = propertyDescriptors[i];
+            String propertyName = descriptor.getName();
+            if (!"class".equals(propertyName)) {
+                Method readMethod = descriptor.getReadMethod();
+                Object result = readMethod.invoke(bean);
+                if (result != null) {
+                    returnMap.put(propertyName, String.valueOf(result));
+                } else {
+                    returnMap.put(propertyName, "");
+                }
+            }
+        }
+
+        return returnMap;
+    }
 }

epmet-commons/pom.xml

@@ -25,6 +25,8 @@
 		<module>epmet-commons-extapp-auth</module>
         <module>epmet-commons-thirdplat</module>
 		<module>epmet-commons-rocketmq</module>
+        <module>epmet-commons-security</module>
+		<module>epmet-commons-openapi</module>
 	</modules>
 
 </project>

epmet-gateway/pom.xml

@@ -13,6 +13,11 @@
     <packaging>jar</packaging>
 
     <dependencies>
+        <dependency>
+            <groupId>com.epmet</groupId>
+            <artifactId>epmet-commons-security</artifactId>
+            <version>2.0.0</version>
+        </dependency>
         <dependency>
             <groupId>com.epmet</groupId>
             <artifactId>epmet-commons-tools</artifactId>
@@ -65,6 +70,17 @@
             <artifactId>common-service-client</artifactId>
             <version>2.0.0</version>
         </dependency>
+        <dependency>
+            <groupId>com.epmet</groupId>
+            <artifactId>epmet-commons-openapi</artifactId>
+            <version>2.0.0</version>
+            <scope>compile</scope>
+        </dependency>
+        <dependency>
+            <groupId>com.epmet</groupId>
+            <artifactId>epmet-commons-openapi</artifactId>
+            <version>2.0.0</version>
+        </dependency>
     </dependencies>
 
     <build>
@@ -298,8 +314,8 @@
 <!--                   <gateway.routes.gov-project-server.uri>http://localhost:8102</gateway.routes.gov-project-server.uri>-->
                 <gateway.routes.gov-project-server.uri>lb://gov-project-server</gateway.routes.gov-project-server.uri>
                 <!--  24、公共服务              -->
-                <gateway.routes.common-service-server.uri>lb://common-service-server</gateway.routes.common-service-server.uri>
-<!--                <gateway.routes.common-service-server.uri>http://localhost:8103</gateway.routes.common-service-server.uri>-->
+                <!--<gateway.routes.common-service-server.uri>lb://common-service-server</gateway.routes.common-service-server.uri>-->
+                <gateway.routes.common-service-server.uri>http://localhost:8103</gateway.routes.common-service-server.uri>
                 <!--  25、党建园地              -->
                 <gateway.routes.resi-home-server.uri>lb://resi-home-server</gateway.routes.resi-home-server.uri>
                 <!--                <gateway.routes.resi-home-server.uri>http://localhost:8104</gateway.routes.resi-home-server.uri>-->
@@ -329,8 +345,8 @@
                 <gateway.routes.epmet-point-server.url>lb://epmet-point-server</gateway.routes.epmet-point-server.url>
                 <!--                <gateway.routes.epmet-point-server.url>http://127.0.0.1:8112</gateway.routes.epmet-point-server.url>-->
                 <!-- 34、 开放接口服务 -->
-                <gateway.routes.epmet-ext-server.url>lb://epmet-ext-server</gateway.routes.epmet-ext-server.url>
-                <!--                <gateway.routes.epmet-ext-server.url>http://127.0.0.1:8113</gateway.routes.epmet-ext-server.url>-->
+                <!--<gateway.routes.epmet-ext-server.url>lb://epmet-ext-server</gateway.routes.epmet-ext-server.url>-->
+                <gateway.routes.epmet-ext-server.url>http://127.0.0.1:8113</gateway.routes.epmet-ext-server.url>
 
                 <!-- 35、多数据源服务 -->
                 <gateway.routes.data-aggregator-server.url>lb://data-aggregator-server</gateway.routes.data-aggregator-server.url>

epmet-gateway/src/main/java/com/epmet/auth/ExtAppTakeTokenAuthProcessor.java

@@ -0,0 +1,91 @@
+package com.epmet.auth;
+
+import com.epmet.commons.security.jwt.JwtUtils;
+import com.epmet.commons.security.sign.openapi.OpenApiSignUtils;
+import com.epmet.commons.tools.exception.EpmetErrorCode;
+import com.epmet.commons.tools.exception.RenException;
+import com.epmet.commons.tools.redis.RedisKeys;
+import com.epmet.commons.tools.redis.RedisUtils;
+import com.epmet.commons.tools.utils.Result;
+import com.epmet.commons.tools.utils.SpringContextUtils;
+import com.epmet.feign.EpmetCommonServiceOpenFeignClient;
+import com.epmet.openapi.constant.InClusterHeaderKeys;
+import com.epmet.openapi.constant.RequestParamKeys;
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.Jwts;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.server.reactive.ServerHttpRequest;
+import org.springframework.stereotype.Component;
+import org.springframework.web.server.ServerWebExchange;
+
+import java.util.Date;
+
+/**
+ * 外部应用认证处理器：来平台token的方式
+ */
+@Component
+public class ExtAppTakeTokenAuthProcessor extends ExtAppAuthProcessor {
+
+    @Autowired
+    private JwtUtils jwtTokenUtils;
+
+    @Autowired
+    private RedisUtils redisUtils;
+
+    @Override
+    public void auth(String appId, String token, Long ts, ServerWebExchange exchange) {
+        String secret = getSecret(appId);
+
+        // 1.过期验证
+        String accessTokenInCache = redisUtils.getString(RedisKeys.getOpenApiAccessTokenKey(appId));
+        Date expiration = jwtTokenUtils.getExpiration(token, secret);
+        if (StringUtils.isBlank(accessTokenInCache) ||
+                expiration == null ||
+                jwtTokenUtils.isTokenExpired(expiration)
+        ) {
+
+            throw new RenException(EpmetErrorCode.OPEN_API_TOKEN_EXPIRED.getCode(),
+                    EpmetErrorCode.OPEN_API_TOKEN_EXPIRED.getMsg());
+        }
+
+        // 2.验签
+        // 验签暂时放到具体接口中，不放在gateway
+        //openApiSignUtils.checkSign();
+
+        // 2. 获取claims
+        Claims claims = jwtTokenUtils.getClaimByToken(token, secret);
+        String appIdInAccessToken = claims.get(RequestParamKeys.APP_ID, String.class);
+
+        if (!appId.equals(appIdInAccessToken)) {
+            // 参数列表的appId和token中封装的不一致
+            throw new RenException(EpmetErrorCode.OPEN_API_PARAMS_APPID_DIFF.getCode(),
+                    EpmetErrorCode.OPEN_API_PARAMS_APPID_DIFF.getMsg());
+        }
+
+        // 3.将app_id放入header中
+        ServerHttpRequest.Builder mutate = exchange.getRequest().mutate();
+        mutate.header(InClusterHeaderKeys.APP_ID, new String[]{appId});
+        exchange.mutate().request(mutate.build()).build();
+    }
+
+    /**
+     * @return
+     * @Description 获取秘钥
+     * @author wxz
+     * @date 2021.03.23 14:12
+     */
+    private String getSecret(String appId) {
+        EpmetCommonServiceOpenFeignClient commonService = SpringContextUtils.getBean(EpmetCommonServiceOpenFeignClient.class);
+        Result<String> result = commonService.getSecret(appId);
+        if (result == null || !result.success()) {
+            throw new RenException("fetchToken方式的外部应用认证，获取secret失败");
+        }
+        String secret = result.getData();
+        if (StringUtils.isBlank(secret)) {
+            throw new RenException("fetchToken方式的外部应用认证，获取secret失败");
+        }
+
+        return secret;
+    }
+}

epmet-gateway/src/main/java/com/epmet/auth/ExternalAuthProcessor.java

@@ -4,6 +4,9 @@ import com.epmet.commons.tools.exception.EpmetErrorCode;
 import com.epmet.commons.tools.exception.ExceptionUtils;
 import com.epmet.commons.tools.exception.RenException;
 import com.epmet.filter.CpProperty;
+import com.epmet.openapi.constant.AuthTypes;
+import com.epmet.openapi.constant.RequestParamKeys;
+import com.epmet.utils.ServerHttpRequestUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -13,6 +16,7 @@ import org.springframework.http.HttpHeaders;
 import org.springframework.http.server.reactive.ServerHttpRequest;
 import org.springframework.stereotype.Component;
 import org.springframework.util.AntPathMatcher;
+import org.springframework.util.MultiValueMap;
 import org.springframework.web.server.ServerWebExchange;
 
 /**
@@ -31,17 +35,23 @@ public class ExternalAuthProcessor extends AuthProcessor {
     public static final String APP_ID_CUSTOMER_ID_KEY = "CustomerId";
     public static final String APP_ID_AUTY_TYPE_KEY = "AuthType";
 
-    // 认证方式
+    /**
+     * 认证方式
+     */
+    // 调用方生成jwt
     public static final String APP_AUTH_TYPE_JWT = "jwt";
+    // 调用方生成md5
     public static final String APP_AUTH_TYPE_MD5 = "md5";
 
-
     @Autowired
     private ExtAppJwtAuthProcessor jwtAuthProcessor;
 
     @Autowired
     private ExtAppMD5AuthProcessor md5AuthProcessor;
 
+    @Autowired
+    private ExtAppTakeTokenAuthProcessor takeTokenAuthProcessor;
+
     private final AntPathMatcher antPathMatcher = new AntPathMatcher();
 
     @Autowired
@@ -58,6 +68,7 @@ public class ExternalAuthProcessor extends AuthProcessor {
         for (String url : cpProperty.getExternalOpenUrls()) {
             if (antPathMatcher.match(url, requestUri)) {
                 inPaths = true;
+                break;
             }
         }
 
@@ -65,27 +76,46 @@ public class ExternalAuthProcessor extends AuthProcessor {
             throw new RenException(EpmetErrorCode.ERR401.getCode(), "所请求的url并未对外部应用开放");
         }
 
+        // 放行白名单
+        for (String url : cpProperty.getExternalAuthUrlsWhiteList()) {
+            if (antPathMatcher.match(url, requestUri)) {
+                return exchange;
+            }
+        }
+
         HttpHeaders headers = request.getHeaders();
 
         String token = headers.getFirst(ACCESS_TOKEN_HEADER_KEY);
-        String appId = headers.getFirst(APP_ID_HEADER_KEY);
         String ts = headers.getFirst(APP_ID_TIMESTAMP_KEY);
         String customerId = headers.getFirst(APP_ID_CUSTOMER_ID_KEY);
-        String authType = headers.getFirst(APP_ID_AUTY_TYPE_KEY);
-
-        if (StringUtils.isAnyBlank(token, appId)) {
-            throw new RenException(EpmetErrorCode.ERR401.getCode(), "请求头中的AccessToken和AppId不能为空");
-        }
+        String authType = getAuthType(headers, request);
 
-        logger.info("外部应用请求认证拦截Aspect执行，appId:{}, token:{}, ts:{}, customerId:{}, authType:{}",
-                appId, token, ts, customerId, authType);
+        logger.info("外部应用请求认证拦截Aspect执行,token:{}, ts:{}, customerId:{}, authType:{}",
+                token, ts, customerId, authType);
 
         // 没传authType或者传的jwt都用jwtprocessor处理
         try {
             if (StringUtils.isBlank(authType) || APP_AUTH_TYPE_JWT.equals(authType)) {
+                String appId = headers.getFirst(APP_ID_HEADER_KEY);
+                if (StringUtils.isAnyBlank(token, appId)) {
+                    throw new RenException(EpmetErrorCode.ERR401.getCode(), "请求头中的AccessToken和AppId不能为空");
+                }
                 jwtAuthProcessor.auth(appId, token, StringUtils.isNotBlank(ts) ? new Long(ts) : null, exchange);
             } else if (APP_AUTH_TYPE_MD5.equals(authType)) {
+                String appId = headers.getFirst(APP_ID_HEADER_KEY);
+                if (StringUtils.isAnyBlank(token, appId)) {
+                    throw new RenException(EpmetErrorCode.ERR401.getCode(), "请求头中的AccessToken和AppId不能为空");
+                }
                 md5AuthProcessor.auth(appId, token, StringUtils.isNotBlank(ts) ? new Long(ts) : null, exchange);
+            } else if (AuthTypes.TAKE_TOKEN.equals(authType)) {
+                if (StringUtils.isBlank(token)) {
+                    throw new RenException(EpmetErrorCode.OPEN_API_UNAUTHENTICATED.getCode());
+                }
+                String appId = ServerHttpRequestUtils.getRequestParam(request, RequestParamKeys.APP_ID);
+                if (StringUtils.isBlank(appId)) {
+                    throw new RenException(EpmetErrorCode.OPEN_API_PARAMS_MISSING.getCode(),"缺少参数:".concat(RequestParamKeys.APP_ID));
+                }
+                takeTokenAuthProcessor.auth(appId, token, StringUtils.isNotBlank(ts) ? new Long(ts) : null, exchange);
             } else {
                 throw new RenException(EpmetErrorCode.OPER_EXTERNAL_APP_AUTH_ERROR.getCode(), "未知的外部认证类型");
             }
@@ -100,4 +130,12 @@ public class ExternalAuthProcessor extends AuthProcessor {
 
         return exchange;
     }
+
+    private String getAuthType(HttpHeaders headers, ServerHttpRequest request) {
+        String authType = ServerHttpRequestUtils.getRequestParam(request, RequestParamKeys.AUTH_TYPE);
+        if (StringUtils.isBlank(authType)) {
+            authType = headers.getFirst(APP_ID_AUTY_TYPE_KEY);
+        }
+        return authType;
+    }
 }

epmet-gateway/src/main/java/com/epmet/filter/CpAuthGatewayFilterFactory.java

@@ -10,6 +10,9 @@ import com.epmet.commons.tools.utils.IpUtils;
 import com.epmet.commons.tools.utils.Result;
 import com.epmet.constant.AuthTypeConstant;
 import com.epmet.constant.TokenHeaderKeyConstant;
+import com.epmet.openapi.constant.AuthTypes;
+import com.epmet.openapi.constant.RequestParamKeys;
+import com.epmet.utils.ServerHttpRequestUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -111,6 +114,11 @@ public class CpAuthGatewayFilterFactory extends AbstractGatewayFilterFactory<CpA
 		//	}
 		//}
 
+		String authType = ServerHttpRequestUtils.getRequestParam(request, RequestParamKeys.AUTH_TYPE);
+		if (StringUtils.isNotBlank(authType) && AuthTypes.TAKE_TOKEN.equals(authType)) {
+			return AuthTypeConstant.AUTH_TYPE_EXTERNAL;
+		}
+
 		boolean needExternal = StringUtils.isNotBlank(request.getHeaders().getFirst(TokenHeaderKeyConstant.ACCESS_TOKEN_HEADER_KEY));
 		boolean needInternal = StringUtils.isNotBlank(request.getHeaders().getFirst(TokenHeaderKeyConstant.AUTHORIZATION_TOKEN_HEADER_KEY));
 

epmet-gateway/src/main/java/com/epmet/filter/CpProperty.java

@@ -32,6 +32,11 @@ public class CpProperty {
      */
     private List<String> externalOpenUrls;
 
+    /**
+     * 对外开放url白名单
+     */
+    private List<String> externalAuthUrlsWhiteList;
+
     /**
      * 不处理token，直接通过
      */

epmet-gateway/src/main/java/com/epmet/utils/ServerHttpRequestUtils.java

@@ -0,0 +1,19 @@
+package com.epmet.utils;
+
+import org.springframework.http.server.reactive.ServerHttpRequest;
+import org.springframework.util.MultiValueMap;
+
+public class ServerHttpRequestUtils {
+
+    /**
+     * @Description 从url中获取appId
+     * @return
+     * @author wxz
+     * @date 2021.03.25 15:13
+     */
+    public static String getRequestParam(ServerHttpRequest request, String paramName) {
+        MultiValueMap<String, String> queryParams = request.getQueryParams();
+        return queryParams.getFirst(paramName);
+    }
+
+}

epmet-gateway/src/main/resources/bootstrap.yml

@@ -422,6 +422,10 @@ feign:
   okhttp:
     enabled: true
 
+#logging:
+#  level:
+#    com.epmet: debug
+
 hystrix:
   command:
     default:
@@ -476,6 +480,11 @@ epmet:
     - /epmetuser/customerstaff/customerlist
     - /message/template/**
     - /data/aggregator/project/projectdistribution
+
+  # 对外开放接口认证白名单
+  externalAuthUrlsWhiteList:
+    - /epmet/ext/open-api/get-access-token
+
   swaggerUrls:
 
 jwt:

epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/epmetuser/StaffRoleDTO.java

@@ -83,4 +83,9 @@ public class StaffRoleDTO implements Serializable {
      */
 	private Date updatedTime;
 
+    /**
+     * 客户ID
+     */
+    private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/epmetuser/StaffWechatDTO.java

@@ -123,4 +123,9 @@ public class StaffWechatDTO implements Serializable {
      */
 	private Date updatedTime;
 
+    /**
+     * 客户ID
+     */
+    private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/epmetuser/UserAdviceImgDTO.java

@@ -83,4 +83,9 @@ public class UserAdviceImgDTO implements Serializable {
      */
 	private Date updatedTime;
 
+    /**
+     * 客户ID
+     */
+    private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/epmetuser/UserBaseInfoDTO.java

@@ -128,4 +128,9 @@ public class UserBaseInfoDTO implements Serializable {
      */
 	private Date updatedTime;
 
+    /**
+     * 客户ID
+     */
+    private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/epmetuser/UserDTO.java

@@ -78,4 +78,9 @@ public class UserDTO implements Serializable {
      */
 	private Date updatedTime;
 
+    /**
+     * 客户ID
+     */
+    private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/epmetuser/UserResiInfoDTO.java

@@ -108,4 +108,9 @@ public class UserResiInfoDTO implements Serializable {
      */
 	private Date updatedTime;
 
+    /**
+     * 客户ID
+     */
+    private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/epmetuser/UserWechatDTO.java

@@ -123,4 +123,9 @@ public class UserWechatDTO implements Serializable {
      */
 	private Date updatedTime;
 
+    /**
+     * 客户ID
+     */
+    private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/govissue/IssueProcessDTO.java

@@ -99,4 +99,9 @@ public class IssueProcessDTO implements Serializable {
      */
 	private Date updatedTime;
 
+	/**
+	 * 客户ID
+	 */
+	private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/govissue/IssueProjectRelationDTO.java

@@ -79,4 +79,9 @@ public class IssueProjectRelationDTO implements Serializable {
      */
 	private Date updatedTime;
 
+    /**
+     * 客户ID
+     */
+    private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/govissue/IssueSatisfactionDetailDTO.java

@@ -84,4 +84,9 @@ public class IssueSatisfactionDetailDTO implements Serializable {
      */
 	private Date updatedTime;
 
+    /**
+     * 客户ID
+     */
+    private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/govissue/IssueSatisfactionStatisticalDTO.java

@@ -89,4 +89,9 @@ public class IssueSatisfactionStatisticalDTO implements Serializable {
      */
 	private Date updatedTime;
 
+    /**
+     * 客户ID
+     */
+    private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/govissue/IssueVoteDetailDTO.java

@@ -79,4 +79,9 @@ public class IssueVoteDetailDTO implements Serializable {
      */
 	private Date updatedTime;
 
+    /**
+     * 客户ID
+     */
+    private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/govissue/IssueVoteStatisticalDTO.java

@@ -89,4 +89,8 @@ public class IssueVoteStatisticalDTO implements Serializable {
      */
 	private Date updatedTime;
 
+    /**
+     * 客户ID
+     */
+    private String customerId;
 }

epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/govissue/IssueVoteStatisticalDailyDTO.java

@@ -114,4 +114,9 @@ public class IssueVoteStatisticalDailyDTO implements Serializable {
      */
 	private Date updatedTime;
 
+    /**
+     * 客户ID
+     */
+    private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/govproject/ProjectOrgRelationDTO.java

@@ -39,6 +39,11 @@ public class ProjectOrgRelationDTO implements Serializable {
      */
 	private String id;
 
+	/**
+	 * 客户ID
+	 */
+	private String customerId;
+
     /**
      * 关联PROJECT_STAFF，由此ID可以关联出PROJECT_ID、CUSTOMER_ID、PROCESS_ID
      */

epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/govproject/ProjectRelatedPersonnelDTO.java

@@ -38,6 +38,11 @@ public class ProjectRelatedPersonnelDTO implements Serializable {
      */
 	private String id;
 
+	/**
+	 * 客户ID
+	 */
+	private String customerId;
+
     /**
      * 项目ID
      */
@@ -98,4 +103,5 @@ public class ProjectRelatedPersonnelDTO implements Serializable {
      */
 	private Date updatedTime;
 
+
 }

epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/govproject/ProjectSatisfactionDetailDTO.java

@@ -83,4 +83,9 @@ public class ProjectSatisfactionDetailDTO implements Serializable {
      */
 	private Date updatedTime;
 
+    /**
+     * 客户ID
+     */
+    private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/govproject/ProjectSatisfactionStatisticsDTO.java

@@ -88,4 +88,9 @@ public class ProjectSatisfactionStatisticsDTO implements Serializable {
      */
 	private Date updatedTime;
 
+    /**
+     * 客户ID
+     */
+    private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/resigroup/GroupInvitationDTO.java

@@ -103,4 +103,9 @@ public class GroupInvitationDTO implements Serializable {
      */
 	private Date updatedTime;
 
+    /**
+     * 客户ID
+     */
+    private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/resigroup/GroupMemeberOperationDTO.java

@@ -111,4 +111,9 @@ Ps: 1) 入群被拒绝之后，如果再申请是插入一条新的审核中的
      */
 	private Date updatedTime;
 
+    /**
+     * 客户ID
+     */
+    private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/resigroup/InvitationAccessRecordDTO.java

@@ -83,4 +83,9 @@ public class InvitationAccessRecordDTO implements Serializable {
      */
 	private Date updatedTime;
 
+    /**
+     * 客户ID
+     */
+    private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/resigroup/ResiGroupDTO.java

@@ -17,9 +17,10 @@
 
 package com.epmet.dataaggre.dto.resigroup;
 
+import lombok.Data;
+
 import java.io.Serializable;
 import java.util.Date;
-import lombok.Data;
 
 
 /**
@@ -109,4 +110,8 @@ Ps: 如果一个小组被拒绝，当前小组的状态将永久停留在“审
      */
 	private Date updatedTime;
 
+    /**
+     * VISIT_SWITCH 小组是否允许参观:允许：open;不允许：closed
+     */
+    private String visitSwitch;
 }

epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/resigroup/ResiGroupMemberDTO.java

@@ -98,4 +98,9 @@ public class ResiGroupMemberDTO implements Serializable {
      */
 	private String updatedBy;
 
+    /**
+     * 客户ID
+     */
+    private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/resigroup/ResiGroupOperationDTO.java

@@ -98,4 +98,9 @@ public class ResiGroupOperationDTO implements Serializable {
      */
 	private String messageText;
 
+    /**
+     * 客户ID
+     */
+    private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/resigroup/ResiGroupStatisticalDTO.java

@@ -103,4 +103,9 @@ public class ResiGroupStatisticalDTO implements Serializable {
      */
 	private String updatedBy;
 
+    /**
+     * 客户ID
+     */
+    private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/resigroup/ResiTopicAttachmentDTO.java

@@ -103,4 +103,9 @@ public class ResiTopicAttachmentDTO implements Serializable {
      */
 	private Date updatedTime;
 
+    /**
+     * 客户ID
+     */
+    private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/resigroup/ResiTopicCommentDTO.java

@@ -84,4 +84,9 @@ public class ResiTopicCommentDTO implements Serializable {
      */
 	private Date updatedTime;
 
+    /**
+     * 客户ID
+     */
+    private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/resigroup/ResiTopicDTO.java

@@ -133,4 +133,9 @@ public class ResiTopicDTO implements Serializable {
      * 话题所属网格id
      */
 	private String gridId;
+    /**
+     * 客户ID
+     */
+    private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-client/src/main/java/com/epmet/dataaggre/dto/resigroup/ResiTopicOperationDTO.java

@@ -83,4 +83,9 @@ public class ResiTopicOperationDTO implements Serializable {
      */
 	private Date updatedTime;
 
+    /**
+     * 客户ID
+     */
+    private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/entity/epmetuser/StaffRoleEntity.java

@@ -53,4 +53,9 @@ public class StaffRoleEntity extends BaseEpmetEntity {
      */
 	private String orgId;
 
+	/**
+	 * 客户ID
+	 */
+	private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/entity/epmetuser/StaffWechatEntity.java

@@ -93,4 +93,9 @@ public class StaffWechatEntity extends BaseEpmetEntity {
      */
 	private String language;
 
+	/**
+	 * 客户ID
+	 */
+	private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/entity/epmetuser/UserEntity.java

@@ -48,4 +48,9 @@ public class UserEntity extends BaseEpmetEntity {
      */
 	private String fromClient;
 
+	/**
+	 * 客户ID
+	 */
+	private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/entity/epmetuser/UserWechatEntity.java

@@ -93,4 +93,9 @@ public class UserWechatEntity extends BaseEpmetEntity {
      */
 	private String language;
 
+	/**
+	 * 客户ID
+	 */
+	private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/entity/govissue/IssueProcessEntity.java

@@ -17,6 +17,8 @@
 
 package com.epmet.dataaggre.entity.govissue;
 
+import com.baomidou.mybatisplus.annotation.FieldFill;
+import com.baomidou.mybatisplus.annotation.TableField;
 import com.baomidou.mybatisplus.annotation.TableName;
 import com.epmet.commons.mybatis.entity.BaseEpmetEntity;
 import lombok.Data;
@@ -65,4 +67,10 @@ public class IssueProcessEntity extends BaseEpmetEntity {
 	 * */
 	private String orgName;
 
+	/**
+	 * 客户ID
+	 */
+	@TableField(fill = FieldFill.INSERT)
+	private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/entity/govissue/IssueProjectRelationEntity.java

@@ -17,6 +17,8 @@
 
 package com.epmet.dataaggre.entity.govissue;
 
+import com.baomidou.mybatisplus.annotation.FieldFill;
+import com.baomidou.mybatisplus.annotation.TableField;
 import com.baomidou.mybatisplus.annotation.TableName;
 import com.epmet.commons.mybatis.entity.BaseEpmetEntity;
 import lombok.Data;
@@ -45,4 +47,10 @@ public class IssueProjectRelationEntity extends BaseEpmetEntity {
      */
 	private String projectId;
 
+	/**
+	 * 客户ID
+	 */
+	@TableField(fill = FieldFill.INSERT)
+	private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/entity/govissue/IssueSatisfactionDetailEntity.java

@@ -17,6 +17,8 @@
 
 package com.epmet.dataaggre.entity.govissue;
 
+import com.baomidou.mybatisplus.annotation.FieldFill;
+import com.baomidou.mybatisplus.annotation.TableField;
 import com.baomidou.mybatisplus.annotation.TableName;
 import com.epmet.commons.mybatis.entity.BaseEpmetEntity;
 import lombok.Data;
@@ -50,4 +52,10 @@ public class IssueSatisfactionDetailEntity extends BaseEpmetEntity {
      */
 	private String satisfaction;
 
+	/**
+	 * 客户ID
+	 */
+	@TableField(fill = FieldFill.INSERT)
+	private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/entity/govissue/IssueSatisfactionStatisticalEntity.java

@@ -17,6 +17,8 @@
 
 package com.epmet.dataaggre.entity.govissue;
 
+import com.baomidou.mybatisplus.annotation.FieldFill;
+import com.baomidou.mybatisplus.annotation.TableField;
 import com.baomidou.mybatisplus.annotation.TableName;
 import com.epmet.commons.mybatis.entity.BaseEpmetEntity;
 import lombok.Data;
@@ -55,4 +57,10 @@ public class IssueSatisfactionStatisticalEntity extends BaseEpmetEntity {
      */
 	private Integer badCount;
 
+	/**
+	 * 客户ID
+	 */
+	@TableField(fill = FieldFill.INSERT)
+	private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/entity/govissue/IssueVoteDetailEntity.java

@@ -17,6 +17,8 @@
 
 package com.epmet.dataaggre.entity.govissue;
 
+import com.baomidou.mybatisplus.annotation.FieldFill;
+import com.baomidou.mybatisplus.annotation.TableField;
 import com.baomidou.mybatisplus.annotation.TableName;
 import com.epmet.commons.mybatis.entity.BaseEpmetEntity;
 import lombok.Data;
@@ -45,4 +47,10 @@ public class IssueVoteDetailEntity extends BaseEpmetEntity {
      */
 	private String attitude;
 
+	/**
+	 * 客户ID
+	 */
+	@TableField(fill = FieldFill.INSERT)
+	private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/entity/govissue/IssueVoteStatisticalDailyEntity.java

@@ -17,6 +17,8 @@
 
 package com.epmet.dataaggre.entity.govissue;
 
+import com.baomidou.mybatisplus.annotation.FieldFill;
+import com.baomidou.mybatisplus.annotation.TableField;
 import com.baomidou.mybatisplus.annotation.TableName;
 import com.epmet.commons.mybatis.entity.BaseEpmetEntity;
 import lombok.Data;
@@ -82,4 +84,10 @@ public class IssueVoteStatisticalDailyEntity extends BaseEpmetEntity {
      */
 	private Integer votableCount;
 
+	/**
+	 * 客户ID
+	 */
+	@TableField(fill = FieldFill.INSERT)
+	private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/entity/govissue/IssueVoteStatisticalEntity.java

@@ -17,6 +17,8 @@
 
 package com.epmet.dataaggre.entity.govissue;
 
+import com.baomidou.mybatisplus.annotation.FieldFill;
+import com.baomidou.mybatisplus.annotation.TableField;
 import com.baomidou.mybatisplus.annotation.TableName;
 import com.epmet.commons.mybatis.entity.BaseEpmetEntity;
 import lombok.Data;
@@ -55,4 +57,10 @@ public class IssueVoteStatisticalEntity extends BaseEpmetEntity {
      */
 	private Integer votableCount;
 
+	/**
+	 * 客户ID
+	 */
+	@TableField(fill = FieldFill.INSERT)
+	private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/entity/govproject/ProjectOrgRelationEntity.java

@@ -80,4 +80,9 @@ public class ProjectOrgRelationEntity extends BaseEpmetEntity {
      */
 	private String operation;
 
+	/**
+	 * 客户ID
+	 */
+	private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/entity/govproject/ProjectRelatedPersonnelEntity.java

@@ -68,4 +68,9 @@ public class ProjectRelatedPersonnelEntity extends BaseEpmetEntity {
      */
 	private String userId;
 
+	/**
+	 * 客户ID
+	 */
+	private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/entity/govproject/ProjectSatisfactionDetailEntity.java

@@ -17,6 +17,8 @@
 
 package com.epmet.dataaggre.entity.govproject;
 
+import com.baomidou.mybatisplus.annotation.FieldFill;
+import com.baomidou.mybatisplus.annotation.TableField;
 import com.baomidou.mybatisplus.annotation.TableName;
 
 import com.epmet.commons.mybatis.entity.BaseEpmetEntity;
@@ -53,4 +55,10 @@ public class ProjectSatisfactionDetailEntity extends BaseEpmetEntity {
      */
 	private String satisfaction;
 
+	/**
+	 * 客户ID
+	 */
+	@TableField(fill = FieldFill.INSERT)
+	private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/entity/govproject/ProjectSatisfactionStatisticsEntity.java

@@ -17,6 +17,8 @@
 
 package com.epmet.dataaggre.entity.govproject;
 
+import com.baomidou.mybatisplus.annotation.FieldFill;
+import com.baomidou.mybatisplus.annotation.TableField;
 import com.baomidou.mybatisplus.annotation.TableName;
 
 import com.epmet.commons.mybatis.entity.BaseEpmetEntity;
@@ -58,4 +60,10 @@ public class ProjectSatisfactionStatisticsEntity extends BaseEpmetEntity {
      */
 	private Integer badCount;
 
+	/**
+	 * 客户ID
+	 */
+	@TableField(fill = FieldFill.INSERT)
+	private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/entity/resigroup/GroupInvitationEntity.java

@@ -17,6 +17,8 @@
 
 package com.epmet.dataaggre.entity.resigroup;
 
+import com.baomidou.mybatisplus.annotation.FieldFill;
+import com.baomidou.mybatisplus.annotation.TableField;
 import com.baomidou.mybatisplus.annotation.TableName;
 
 import com.epmet.commons.mybatis.entity.BaseEpmetEntity;
@@ -73,4 +75,10 @@ public class GroupInvitationEntity extends BaseEpmetEntity {
      */
 	private Date validEndTime;
 
+	/**
+	 * 客户ID
+	 */
+	@TableField(fill = FieldFill.INSERT)
+	private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/entity/resigroup/GroupMemeberOperationEntity.java

@@ -17,6 +17,8 @@
 
 package com.epmet.dataaggre.entity.resigroup;
 
+import com.baomidou.mybatisplus.annotation.FieldFill;
+import com.baomidou.mybatisplus.annotation.TableField;
 import com.baomidou.mybatisplus.annotation.TableName;
 
 import com.epmet.commons.mybatis.entity.BaseEpmetEntity;
@@ -81,4 +83,10 @@ Ps: 1) 入群被拒绝之后，如果再申请是插入一条新的审核中的
      */
 	private String operateUserId;
 
+	/**
+	 * 客户ID
+	 */
+	@TableField(fill = FieldFill.INSERT)
+	private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/entity/resigroup/InvitationAccessRecordEntity.java

@@ -17,6 +17,8 @@
 
 package com.epmet.dataaggre.entity.resigroup;
 
+import com.baomidou.mybatisplus.annotation.FieldFill;
+import com.baomidou.mybatisplus.annotation.TableField;
 import com.baomidou.mybatisplus.annotation.TableName;
 
 import com.epmet.commons.mybatis.entity.BaseEpmetEntity;
@@ -53,4 +55,10 @@ public class InvitationAccessRecordEntity extends BaseEpmetEntity {
      */
 	private String state;
 
+	/**
+	 * 客户ID
+	 */
+	@TableField(fill = FieldFill.INSERT)
+	private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/entity/resigroup/ResiGroupEntity.java

@@ -79,4 +79,8 @@ Ps: 如果一个小组被拒绝，当前小组的状态将永久停留在“审
      */
 	private String auditSwitch;
 
+	/**
+	 * VISIT_SWITCH 小组是否允许参观:允许：open;不允许：closed
+	 */
+	private String visitSwitch;
 }

epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/entity/resigroup/ResiGroupMemberEntity.java

@@ -17,6 +17,8 @@
 
 package com.epmet.dataaggre.entity.resigroup;
 
+import com.baomidou.mybatisplus.annotation.FieldFill;
+import com.baomidou.mybatisplus.annotation.TableField;
 import com.baomidou.mybatisplus.annotation.TableName;
 
 import com.epmet.commons.mybatis.entity.BaseEpmetEntity;
@@ -68,4 +70,10 @@ public class ResiGroupMemberEntity extends BaseEpmetEntity {
      */
 	private String status;
 
+	/**
+	 * 客户ID
+	 */
+	@TableField(fill = FieldFill.INSERT)
+	private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/entity/resigroup/ResiGroupOperationEntity.java

@@ -17,6 +17,8 @@
 
 package com.epmet.dataaggre.entity.resigroup;
 
+import com.baomidou.mybatisplus.annotation.FieldFill;
+import com.baomidou.mybatisplus.annotation.TableField;
 import com.baomidou.mybatisplus.annotation.TableName;
 
 import com.epmet.commons.mybatis.entity.BaseEpmetEntity;
@@ -68,4 +70,10 @@ public class ResiGroupOperationEntity extends BaseEpmetEntity {
      */
 	private String messageText;
 
+	/**
+	 * 客户ID
+	 */
+	@TableField(fill = FieldFill.INSERT)
+	private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/entity/resigroup/ResiGroupStatisticalEntity.java

@@ -17,6 +17,8 @@
 
 package com.epmet.dataaggre.entity.resigroup;
 
+import com.baomidou.mybatisplus.annotation.FieldFill;
+import com.baomidou.mybatisplus.annotation.TableField;
 import com.baomidou.mybatisplus.annotation.TableName;
 
 import com.epmet.commons.mybatis.entity.BaseEpmetEntity;
@@ -73,4 +75,9 @@ public class ResiGroupStatisticalEntity extends BaseEpmetEntity {
      */
 	private Integer totalNormalMemebers;
 
+	/**
+	 * 客户ID
+	 */
+	@TableField(fill = FieldFill.INSERT)
+	private String customerId;
 }

epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/entity/resigroup/ResiTopicAttachmentEntity.java

@@ -17,6 +17,8 @@
 
 package com.epmet.dataaggre.entity.resigroup;
 
+import com.baomidou.mybatisplus.annotation.FieldFill;
+import com.baomidou.mybatisplus.annotation.TableField;
 import com.baomidou.mybatisplus.annotation.TableName;
 
 import com.epmet.commons.mybatis.entity.BaseEpmetEntity;
@@ -73,4 +75,10 @@ public class ResiTopicAttachmentEntity extends BaseEpmetEntity {
      */
 	private Integer duration;
 
+	/**
+	 * 客户ID
+	 */
+	@TableField(fill = FieldFill.INSERT)
+	private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/entity/resigroup/ResiTopicCommentEntity.java

@@ -17,6 +17,8 @@
 
 package com.epmet.dataaggre.entity.resigroup;
 
+import com.baomidou.mybatisplus.annotation.FieldFill;
+import com.baomidou.mybatisplus.annotation.TableField;
 import com.baomidou.mybatisplus.annotation.TableName;
 import com.epmet.commons.mybatis.entity.BaseEpmetEntity;
 import lombok.Data;
@@ -50,4 +52,10 @@ public class ResiTopicCommentEntity extends BaseEpmetEntity {
      */
 	private String status;
 
+	/**
+	 * 客户ID
+	 */
+	@TableField(fill = FieldFill.INSERT)
+	private String customerId;
+
 }

epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/entity/resigroup/ResiTopicEntity.java

@@ -17,6 +17,8 @@
 
 package com.epmet.dataaggre.entity.resigroup;
 
+import com.baomidou.mybatisplus.annotation.FieldFill;
+import com.baomidou.mybatisplus.annotation.TableField;
 import com.baomidou.mybatisplus.annotation.TableName;
 
 import com.epmet.commons.mybatis.entity.BaseEpmetEntity;
@@ -98,4 +100,9 @@ public class ResiTopicEntity extends BaseEpmetEntity {
      */
 	private String issueId;
 
+	/**
+	 * 客户ID
+	 */
+	@TableField(fill = FieldFill.INSERT)
+	private String customerId;
 }

epmet-module/data-aggregator/data-aggregator-server/src/main/java/com/epmet/dataaggre/entity/resigroup/ResiTopicOperationEntity.java

@@ -17,6 +17,8 @@
 
 package com.epmet.dataaggre.entity.resigroup;
 
+import com.baomidou.mybatisplus.annotation.FieldFill;
+import com.baomidou.mybatisplus.annotation.TableField;
 import com.baomidou.mybatisplus.annotation.TableName;
 
 import com.epmet.commons.mybatis.entity.BaseEpmetEntity;
@@ -53,4 +55,10 @@ public class ResiTopicOperationEntity extends BaseEpmetEntity {
      */
 	private String operationReason;
 
+	/**
+	 * 客户ID
+	 */
+	@TableField(fill = FieldFill.INSERT)
+	private String customerId;
+
 }

epmet-module/data-statistical/data-statistical-client/src/main/java/com/epmet/dto/project/ProjectOrgRelationDTO.java

@@ -39,6 +39,11 @@ public class ProjectOrgRelationDTO implements Serializable {
      */
 	private String id;
 
+	/**
+	 * 客户ID
+	 */
+	private String customerId;
+
     /**
      * 关联PROJECT_STAFF，由此ID可以关联出PROJECT_ID、CUSTOMER_ID、PROCESS_ID
      */

epmet-module/data-statistical/data-statistical-server/src/main/java/com/epmet/entity/evaluationindex/screen/ScreenDifficultyImgDataEntity.java

@@ -31,4 +31,10 @@ public class ScreenDifficultyImgDataEntity extends BaseEpmetEntity {
 
     private Integer sort;
 
+    /**
+     * 客户ID
+     */
+    @TableField(fill = FieldFill.INSERT)
+    private String customerId;
+
 }

epmet-module/data-statistical/data-statistical-server/src/main/java/com/epmet/entity/evaluationindex/screen/ScreenEventImgDataEntity.java

@@ -52,4 +52,10 @@ public class ScreenEventImgDataEntity extends BaseEpmetEntity {
      */
 	private Integer sort;
 
+	/**
+	 * 客户ID
+	 */
+	@TableField(fill = FieldFill.INSERT)
+	private String customerId;
+
 }

epmet-module/data-statistical/data-statistical-server/src/main/java/com/epmet/service/evaluationindex/extract/toscreen/impl/ScreenGrassrootsGovernDataAbsorptionServiceImpl.java

@@ -190,7 +190,9 @@ public class ScreenGrassrootsGovernDataAbsorptionServiceImpl implements ScreenGr
 
         //立案后会有 一个process 如果没有则说明是垃圾数据 如果有其他方式立项的项目则需要考虑下兼容
         difficulties.removeIf( diff -> StringUtils.isBlank(diff.getLatestOperateDesc()));
-
+        imgList.forEach(item -> {
+            item.setCustomerId(param.getCustomerId());
+        });
         screenDifficultyDataService.dataClean(param.getCustomerId(),difficulties,imgList);
         log.info("【大屏数据抽取-难点赌点执行完毕】 客户Id{} 难点赌点数据{}",param.getCustomerId(),JSON.toJSONString(difficulties));
     }

epmet-module/data-statistical/data-statistical-server/src/main/java/com/epmet/service/evaluationindex/screen/impl/ShiBeiScreenCollServiceImpl.java

@@ -33,6 +33,7 @@ import com.epmet.entity.evaluationindex.screen.ScreenCustomerAgencyEntity;
 import com.epmet.entity.evaluationindex.screen.ScreenCustomerBizOrgEntity;
 import com.epmet.entity.evaluationindex.screen.ScreenEventImgDataEntity;
 import com.epmet.entity.evaluationindex.screen.ScreenUserJoinEntity;
+import com.epmet.service.evaluationindex.screen.ScreenEventImgDataService;
 import com.epmet.service.evaluationindex.screen.ShiBeiScreenCollService;
 import org.apache.commons.collections4.ListUtils;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -94,6 +95,8 @@ public class ShiBeiScreenCollServiceImpl implements ShiBeiScreenCollService {
     private ScreenIndexDataYearlyDao screenIndexDataYearlyDao;
     @Autowired
     private ScreenPublicPartiTotalDataDao screenPublicPartiTotalDataDao;
+    @Autowired
+    private ScreenEventImgDataService screenEventImgDataService;
 
     @DataSource(value = DataSourceConstant.EVALUATION_INDEX, datasourceNameFromArg = true)
     @Override
@@ -194,6 +197,7 @@ public class ShiBeiScreenCollServiceImpl implements ShiBeiScreenCollService {
                     for (int j = NumConstant.ZERO; j < formDTO.getDataList().get(i).getImgDataList().size(); j++) {
                         // 新增 中央区-事件数据图片数据 表
                         ScreenEventImgDataEntity imgDataEntity = new ScreenEventImgDataEntity();
+                        imgDataEntity.setCustomerId(customerId);
                         imgDataEntity.setEventId(formDTO.getDataList().get(i).getImgDataList().get(j).getEventId());
                         imgDataEntity.setEventImgUrl(formDTO.getDataList().get(i).getImgDataList().get(j).getImgUrl());
                         imgDataEntity.setSort(formDTO.getDataList().get(i).getImgDataList().get(j).getSort());
@@ -205,6 +209,7 @@ public class ShiBeiScreenCollServiceImpl implements ShiBeiScreenCollService {
             if (isImgUrl) {
                 screenEventImgDataDao.delEventImgDataByEvent(events);
                 screenEventImgDataDao.batchInsertEventImgData(eventImgDataList);
+//                screenEventImgDataService.insertBatch(eventImgDataList);
             }
 
         }

epmet-module/data-statistical/data-statistical-server/src/main/resources/mapper/evaluationindex/screen/ScreenDifficultyDataDao.xml

@@ -193,6 +193,7 @@
         insert into screen_difficulty_img_data
         (
         ID,
+        CUSTOMER_ID,
         EVENT_ID,
         EVENT_IMG_URL,
         SORT,
@@ -206,6 +207,7 @@
         <foreach collection="list" item="item" index="index" separator=",">
             (
             (SELECT REPLACE(UUID(), '-', '') AS id),
+            #{item.customerId},
             #{item.eventId},
             #{item.eventImgUrl},
             #{item.sort},

epmet-module/data-statistical/data-statistical-server/src/main/resources/mapper/evaluationindex/screen/ScreenEventImgDataDao.xml

@@ -16,6 +16,7 @@
         insert into screen_event_img_data
         (
         ID,
+        CUSTOMER_ID,
         EVENT_ID,
         EVENT_IMG_URL,
         SORT,
@@ -29,6 +30,7 @@
         <foreach collection="list" item="item" index="index" separator=",">
             (
             (SELECT REPLACE(UUID(), '-', '') AS id),
+            #{item.customerId},
             #{item.eventId},
             #{item.eventImgUrl},
             #{item.sort},

epmet-module/epmet-common-service/common-service-client/src/main/java/com/epmet/feign/EpmetCommonServiceOpenFeignClient.java

@@ -20,7 +20,7 @@ import java.util.Map;
  * @date 2020/6/4 10:28
  */
 @FeignClient(name = ServiceConstant.EPMET_COMMON_SERVICE, fallback = EpmetCommonServiceOpenFeignClientFallback.class)
-// @FeignClient(name = ServiceConstant.EPMET_COMMON_SERVICE, fallback = EpmetCommonServiceOpenFeignClientFallback.class, url = "http://localhost:8103")
+ //@FeignClient(name = ServiceConstant.EPMET_COMMON_SERVICE, fallback = EpmetCommonServiceOpenFeignClientFallback.class, url = "http://192.168.1.132:8103")
 public interface EpmetCommonServiceOpenFeignClient {
     /**
      * @param formDTO

epmet-module/epmet-common-service/common-service-server/src/main/java/com/epmet/service/impl/AreaCodeServiceImpl.java

@@ -593,6 +593,7 @@ public class AreaCodeServiceImpl extends BaseServiceImpl<AreaCodeDao, AreaCodeEn
             throw new RenException("目前只允许添加街道或社区");
         }
         if (StringUtils.isNotBlank(formDTO.getCode())) {
+            //修改地区编码名称
             AreaCodeChildDTO areaCodeChildDTO = childDao.selectByCode(formDTO.getCode().trim());
             if (null == areaCodeChildDTO) {
                 throw new RenException("code不存在");
@@ -601,15 +602,17 @@ public class AreaCodeServiceImpl extends BaseServiceImpl<AreaCodeDao, AreaCodeEn
             areaCodeChildService.update(areaCodeChildDTO);
             return areaCodeChildDTO.getCode();
         }
+        //查询area_code_child 判断当前父级，是街道还是社区？
         AreaCodeChildDTO parent = childDao.selectByCode(formDTO.getParentAreaCode().trim());
         if (null == parent) {
+            //街道、社区没找到，查询是否是 区县
             AreaCodeDTO areaCodeDTOP = baseDao.selectByCountyCode(formDTO.getParentAreaCode().trim());
             if (null == areaCodeDTOP) {
                 throw new RenException("parentAreaCode不存在");
             }
         }
 
-        //同一级不允许重名
+        //地区编码 同一级不允许重名
         List<AreaCodeChildDTO> list = childDao.selectByPCodeAndName(formDTO.getParentAreaCode().trim(), formDTO.getName().trim());
         if (CollUtil.isNotEmpty(list)) {
             throw new RenException("name已存在");

epmet-module/epmet-ext/epmet-ext-client/src/main/java/com/epmet/dto/form/openapi/GetOrgDetailFormDTO.java

@@ -0,0 +1,15 @@
+package com.epmet.dto.form.openapi;
+
+import lombok.Data;
+
+import javax.validation.constraints.NotBlank;
+
+@Data
+public class GetOrgDetailFormDTO extends OpenApiBaseFormDTO {
+
+    @NotBlank(message = "orgId不能为空")
+    private String orgId;
+
+    private String test;
+
+}

epmet-module/epmet-ext/epmet-ext-client/src/main/java/com/epmet/dto/form/openapi/OpenApiBaseFormDTO.java

@@ -0,0 +1,31 @@
+package com.epmet.dto.form.openapi;
+
+import lombok.Data;
+
+import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.NotNull;
+
+/**
+ * open api基础类
+ */
+@Data
+public class OpenApiBaseFormDTO {
+
+    public interface GetAccessTokenGroup {}
+
+    @NotBlank(message = "签名不能为空", groups = { GetAccessTokenGroup.class })
+    private String sign;
+
+    /**
+     * 时间戳，ms
+     */
+    @NotNull(message = "时间戳不能为空", groups = { GetAccessTokenGroup.class })
+    private Long timestamp;
+
+    /**
+     * 随机数，每次请求唯一
+     */
+    @NotBlank(message = "随机字段nonce不能为空", groups = { GetAccessTokenGroup.class })
+    private String nonce;
+
+}

epmet-module/epmet-ext/epmet-ext-client/src/main/java/com/epmet/dto/result/openapi/GetAccessTokenResultDTO.java

@@ -0,0 +1,12 @@
+package com.epmet.dto.result.openapi;
+
+import lombok.Data;
+
+@Data
+public class GetAccessTokenResultDTO {
+
+    private String accessToken;
+
+    private Long expireTime;
+
+}

epmet-module/epmet-ext/epmet-ext-server/pom.xml

@@ -21,6 +21,21 @@
     </properties>
 
     <dependencies>
+        <dependency>
+            <groupId>com.epmet</groupId>
+            <artifactId>epmet-commons-openapi</artifactId>
+            <version>2.0.0</version>
+        </dependency>
+        <dependency>
+            <groupId>com.epmet</groupId>
+            <artifactId>common-service-client</artifactId>
+            <version>2.0.0</version>
+        </dependency>
+        <dependency>
+            <groupId>com.epmet</groupId>
+            <artifactId>epmet-commons-security</artifactId>
+            <version>2.0.0</version>
+        </dependency>
         <dependency>
             <groupId>com.epmet</groupId>
             <artifactId>epmet-ext-client</artifactId>

epmet-module/epmet-ext/epmet-ext-server/src/main/java/com/epmet/annotation/OpenApiCheckSign.java

@@ -0,0 +1,13 @@
+package com.epmet.annotation;
+
+import java.lang.annotation.*;
+
+/**
+ * OpenApi验签注解
+ */
+@Target(ElementType.METHOD)
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+public @interface OpenApiCheckSign {
+
+}

epmet-module/epmet-ext/epmet-ext-server/src/main/java/com/epmet/aspect/OpenApiRequestCheckAspect.java

@@ -0,0 +1,218 @@
+package com.epmet.aspect;
+
+import com.epmet.commons.mybatis.aspect.DataFilterAspect;
+import com.epmet.commons.security.sign.openapi.OpenApiSignUtils;
+import com.epmet.commons.tools.exception.EpmetErrorCode;
+import com.epmet.commons.tools.exception.RenException;
+import com.epmet.commons.tools.redis.RedisKeys;
+import com.epmet.commons.tools.redis.RedisUtils;
+import com.epmet.commons.tools.utils.ConvertUtils;
+import com.epmet.commons.tools.utils.Result;
+import com.epmet.feign.EpmetCommonServiceOpenFeignClient;
+import com.epmet.openapi.constant.RequestParamKeys;
+import org.apache.commons.lang3.StringUtils;
+import org.aspectj.lang.JoinPoint;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.annotation.Before;
+import org.aspectj.lang.reflect.MethodSignature;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.core.annotation.Order;
+import org.springframework.stereotype.Component;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.context.request.RequestAttributes;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import javax.servlet.http.HttpServletRequest;
+import java.lang.reflect.Method;
+import java.lang.reflect.Parameter;
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * OpenApi检查请求切面
+ * 1.验签防止参数篡改
+ * 2.timestamp+nonce防止请求重放攻击
+ */
+@Aspect
+@Component
+@Order(1)
+public class OpenApiRequestCheckAspect {
+
+    @Autowired
+    private RedisUtils redisUtils;
+
+    @Autowired
+    private EpmetCommonServiceOpenFeignClient commonServiceOpenFeignClient;
+
+    //请求时差单位：s
+    long requestTimeSecDiff = 120;
+    //请求时差，单位：ms
+    long requestTimeMillSecDiff = requestTimeSecDiff * 1000;//单位：ms
+
+    private static final Logger log = LoggerFactory.getLogger(DataFilterAspect.class);
+
+    /**
+     * @Description 验签
+     * @return
+     * @author wxz
+     * @date 2021.03.24 13:39
+    */
+    @Before("execution(* com.epmet.controller.*Controller*.*(..)) && @annotation(com.epmet.annotation.OpenApiCheckSign)")
+    public void check(JoinPoint point) {
+        Object[] args = point.getArgs();
+        MethodSignature methodSignature = (MethodSignature) point.getSignature();
+        Method method = methodSignature.getMethod();
+        Parameter[] parameters = method.getParameters();
+
+        HttpServletRequest request = getRequest();
+
+        Map<String, String> argMap = new HashMap<>();
+        for (int i = 0; i < parameters.length; i++) {
+            if (parameters[i].isAnnotationPresent(RequestBody.class)) {
+                try {
+                    argMap = ConvertUtils.entityToMap(args[i]);
+                } catch (Exception e) {
+                    throw new RenException("验签参数转化发生异常");
+                }
+
+                break;
+            }
+        }
+
+        fillRequestParamsInfoArgMap(argMap, request);
+        if (!OpenApiSignUtils.checkSign(argMap, getSecret(argMap.get(RequestParamKeys.APP_ID)))) {
+            // 验签失败
+            throw new RenException(EpmetErrorCode.OPEN_API_SIGN_ERROR.getCode());
+        }
+        checkRepeatRequest(argMap);
+    }
+
+    /**
+     * @Description 填充url请求参数到map中，用来签名
+     * @return
+     * @author wxz
+     * @date 2021.03.26 10:13
+    */
+    private void fillRequestParamsInfoArgMap(Map<String, String> argMap, HttpServletRequest request) {
+        fillRequestParamsInfoArgMap(argMap, request, RequestParamKeys.APP_ID);
+        fillRequestParamsInfoArgMap(argMap, request, RequestParamKeys.AUTH_TYPE);
+        fillRequestParamsInfoArgMap(argMap, request, RequestParamKeys.NONCE);
+        fillRequestParamsInfoArgMap(argMap, request, RequestParamKeys.TIMESTAMP);
+        fillRequestParamsInfoArgMap(argMap, request, RequestParamKeys.SIGN);
+    }
+
+    private void fillRequestParamsInfoArgMap(Map<String, String> argMap, HttpServletRequest request, String paramName) {
+        String paramValue = request.getParameter(paramName);
+        if (StringUtils.isNotBlank(paramName)) {
+            argMap.put(paramName, paramValue);
+        }
+    }
+
+    /**
+     * 检查请求重放
+     * @param argMap
+     */
+    void checkRepeatRequest(Map<String, String> argMap) {
+        String timestampStr = argMap.get(RequestParamKeys.TIMESTAMP);
+        if (StringUtils.isBlank(timestampStr)) {
+            throw new RenException(EpmetErrorCode.OPEN_API_PARAMS_MISSING.getCode());
+        }
+        long timestamp = Long.valueOf(timestampStr).longValue();
+        long now = System.currentTimeMillis();
+
+        if (Math.abs(now - timestamp) > requestTimeMillSecDiff) {
+            // 只允许1分钟之内的请求，允许服务器之间时差为1分钟
+            throw new RenException(EpmetErrorCode.OPEN_API_REQUEST_EXPIRED.getCode(),
+                    String.format("请求已过期，允许时差为%s s", requestTimeSecDiff));
+        }
+        String nonce = argMap.get(RequestParamKeys.NONCE);
+        String nonceInCache = redisUtils.getString(RedisKeys.getOpenApiNonceKey(nonce));
+        if (StringUtils.isNotBlank(nonceInCache)) {
+            throw new RenException(EpmetErrorCode.OPEN_API_REQUEST_REPEAT.getCode());
+        }
+        //将nonce缓存到redis，有效期1分钟
+        redisUtils.set(RedisKeys.getOpenApiNonceKey(nonce), System.currentTimeMillis(), requestTimeSecDiff);
+    }
+
+    /**
+     * @return
+     * @Description 取secret
+     * @author wxz
+     * @date 2021.03.24 12:49
+     */
+    private String getSecret(String appId) {
+        String secret = (String) redisUtils.get(RedisKeys.getExternalAppSecretKey(appId));
+        if (StringUtils.isBlank(secret)) {
+            Result<String> result = commonServiceOpenFeignClient.getSecret(appId);
+            if (!result.success()) {
+                throw new RenException("调用common service查询secret失败");
+            }
+            secret = result.getData();
+            if (StringUtils.isBlank(secret)) {
+                throw new RenException(String.format("根据appId%s没有找到对应的secret", appId));
+            }
+            redisUtils.set(RedisKeys.getExternalAppSecretKey(appId), secret);
+        }
+        return secret;
+    }
+
+    /**
+     * @return
+     * @Description 获取request
+     * @author wxz
+     * @date 2021.03.24 12:52
+     */
+    public HttpServletRequest getRequest() {
+        RequestAttributes requestAttributes = RequestContextHolder.getRequestAttributes();
+        ServletRequestAttributes sra = (ServletRequestAttributes) requestAttributes;
+        return sra.getRequest();
+    }
+
+    /**
+     * @return
+     * @Description 获取appId
+     * @author wxz
+     * @date 2021.03.24 12:53
+     */
+    //public String getAppId(Parameter[] parameters, Object[] args) {
+    //    HttpServletRequest request = getRequest();
+    //    String appId = request.getHeader("AppId");
+    //    if (StringUtils.isBlank(appId)) {
+    //        for (int i = 0; i < parameters.length; i++) {
+    //            if (parameters[i].isAnnotationPresent(RequestBody.class)) {
+    //                Object arg = args[i];
+    //                try {
+    //                    appId = getAppIdFromDTO(arg);
+    //                } catch (IllegalAccessException e) {
+    //                    e.printStackTrace();
+    //                }
+    //            }
+    //        }
+    //    }
+    //    if (StringUtils.isBlank(appId)) {
+    //        throw new RenException("未携带AppId");
+    //    }
+    //    return appId;
+    //}
+
+    //private String getAppIdFromDTO(Object dto) throws IllegalAccessException {
+    //    Field[] declaredFields = dto.getClass().getDeclaredFields();
+    //    for (int i = 0; i < declaredFields.length; i++) {
+    //        Field field = declaredFields[i];
+    //        String fieldName = field.getName();
+    //        if ("appId".equals(fieldName)) {
+    //            field.setAccessible(true);
+    //            String value = (String) field.get(dto);
+    //            return value;
+    //        }
+    //    }
+    //    return null;
+    //}
+
+    public static void main(String[] args) {
+        System.out.println(System.currentTimeMillis());
+    }
+}

epmet-module/epmet-ext/epmet-ext-server/src/main/java/com/epmet/config/OpenApiConfig.java

@@ -0,0 +1,15 @@
+package com.epmet.config;
+
+import lombok.Data;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.stereotype.Component;
+
+@Component
+@Data
+public class OpenApiConfig {
+
+    @Value("${openApi.accessToken.expire}")
+    private int accessTokenExpire;
+
+}

epmet-module/epmet-ext/epmet-ext-server/src/main/java/com/epmet/controller/OpenApiAccessTokenController.java

@@ -0,0 +1,60 @@
+package com.epmet.controller;
+
+import com.epmet.annotation.OpenApiCheckSign;
+import com.epmet.commons.tools.exception.RenException;
+import com.epmet.commons.tools.redis.RedisKeys;
+import com.epmet.commons.tools.redis.RedisUtils;
+import com.epmet.commons.tools.utils.Result;
+import com.epmet.dto.result.openapi.GetAccessTokenResultDTO;
+import com.epmet.feign.EpmetCommonServiceOpenFeignClient;
+import com.epmet.service.OpenApiAccessTokenService;
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.*;
+
+@RestController
+@RequestMapping("open-api")
+public class OpenApiAccessTokenController {
+
+    @Autowired
+    private OpenApiAccessTokenService openApiAccessTokenService;
+
+    @Autowired
+    private EpmetCommonServiceOpenFeignClient commonServiceOpenFeignClient;
+
+    @Autowired
+    private RedisUtils redisUtils;
+
+    private Logger logger = LoggerFactory.getLogger(OpenApiAccessTokenController.class);
+
+    /**
+     * @Description 获取AccessToken
+     * @return
+     * @author wxz
+     * @date 2021.03.23 09:52
+    */
+    @OpenApiCheckSign
+    @PostMapping("get-access-token")
+    public Result<GetAccessTokenResultDTO> getAccessToken(@RequestParam("app_id") String appId) {
+        // 1.取secret
+        String secret = (String)redisUtils.get(RedisKeys.getExternalAppSecretKey(appId));
+        if (StringUtils.isBlank(secret)) {
+            Result<String> result = commonServiceOpenFeignClient.getSecret(appId);
+            if (!result.success()) {
+                throw new RenException("调用common service查询secret失败");
+            }
+            secret = result.getData();
+            if (StringUtils.isBlank(secret)) {
+                throw new RenException(String.format("根据appId%s没有找到对应的secret", appId));
+            }
+            redisUtils.set(RedisKeys.getExternalAppSecretKey(appId), secret);
+        }
+
+        //2.生成token
+        GetAccessTokenResultDTO content = openApiAccessTokenService.getAccessToken(appId, secret);
+        return new Result<GetAccessTokenResultDTO>().ok(content);
+    }
+
+}

epmet-module/epmet-ext/epmet-ext-server/src/main/java/com/epmet/controller/OpenApiOrgController.java

@@ -0,0 +1,27 @@
+package com.epmet.controller;
+
+import com.epmet.annotation.OpenApiCheckSign;
+import com.epmet.commons.tools.utils.Result;
+import com.epmet.dto.form.openapi.GetOrgDetailFormDTO;
+import org.springframework.web.bind.annotation.*;
+
+@RestController
+@RequestMapping("open-api")
+public class OpenApiOrgController {
+
+    /**
+     * @Description OpenApiCheckSign是验签注解，OpenApi的接口请加上该注解
+     * @return
+     * @author wxz
+     * @date 2021.03.24 12:55
+    */
+    @OpenApiCheckSign
+    @PostMapping("/get-org-detail")
+    public Result getOrgDetail(@RequestBody GetOrgDetailFormDTO input,
+                               @RequestHeader("AppId") String appId) {
+        return new Result().ok("测试org");
+    }
+
+
+
+}