publish 2.0.0.rc18

2024-08-08 11:11:40 +08:00
parent f5dfce08ed
commit 2c9519a35e
15 changed files with 36 additions and 30 deletions
--- a/springboot-web/src/main/java/com/tiesheng/web/config/role/RoleAuthorityAspect.java
+++ b/springboot-web/src/main/java/com/tiesheng/web/config/role/RoleAuthorityAspect.java
@@ -0,0 +1,81 @@
+package com.tiesheng.web.config.role;
+
+import cn.hutool.core.collection.CollUtil;
+import cn.hutool.core.util.StrUtil;
+import com.tiesheng.annotation.role.RoleAuthority;
+import com.tiesheng.annotation.token.TokenIgnore;
+import com.tiesheng.util.ServletKit;
+import com.tiesheng.util.config.TsTokenConfig;
+import com.tiesheng.util.exception.ApiException;
+import com.tiesheng.util.pojos.TokenBean;
+import com.tiesheng.util.service.TsCacheService;
+import com.tiesheng.util.service.role.TsAuthorityHandler;
+import org.aspectj.lang.JoinPoint;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.annotation.Before;
+import org.aspectj.lang.reflect.MethodSignature;
+import org.springframework.stereotype.Component;
+
+import javax.annotation.Resource;
+import javax.servlet.http.HttpServletRequest;
+import java.util.List;
+import java.util.stream.Collectors;
+
+@Aspect
+@Component
+public class RoleAuthorityAspect {
+
+    @Resource
+    TsTokenConfig tsTokenConfig;
+    @Resource
+    TsAuthorityHandler tsAuthorityHandler;
+
+
+    /**
+     * 获取
+     */
+    @Before("execution(* com..controller..*.*(..))")
+    public void before(JoinPoint joinPoint) {
+
+        RoleAuthority classAnnotation = joinPoint.getTarget().getClass().getAnnotation(RoleAuthority.class);
+        if (classAnnotation == null) {
+            return;
+        }
+
+        // 忽略TOKEN时不校验
+        MethodSignature signature = (MethodSignature) joinPoint.getSignature();
+        TokenIgnore tokenIgnore = signature.getMethod().getAnnotation(TokenIgnore.class);
+        if (tokenIgnore != null) {
+            return;
+        }
+
+        HttpServletRequest request = ServletKit.getRequest();
+        TokenBean tokenBean = tsTokenConfig.validToken(request, true);
+        String cacheKey = StrUtil.format(TsAuthorityHandler.CACHE_HAS_AUTHORITY, tokenBean.getRoleId(), tokenBean.getId());
+        List<String> authorityList = StrUtil.split(TsCacheService.of().get(cacheKey), ";")
+                .stream().filter(StrUtil::isNotEmpty).collect(Collectors.toList());
+        if (CollUtil.isEmpty(authorityList)) {
+            authorityList = tsAuthorityHandler.getAuthorities(tokenBean);
+            if (CollUtil.isNotEmpty(authorityList)) {
+                TsCacheService.of().put(cacheKey, StrUtil.join(";", authorityList));
+            }
+        }
+
+        String authority = StrUtil.join("_", classAnnotation.group(), classAnnotation.value());
+        RoleAuthority annotation = signature.getMethod().getAnnotation(RoleAuthority.class);
+        if (annotation != null) {
+            // 检查是否是功能点的权限
+            if (CollUtil.contains(authorityList, StrUtil.join("_", authority, annotation.value()))) {
+                return;
+            }
+        } else {
+            // 检查是否是菜单级别的权限
+            if (CollUtil.contains(authorityList, authority)) {
+                return;
+            }
+        }
+
+        throw new ApiException(403, "您无权访问");
+    }
+
+}