feat:增加权限校验
@@ -3,8 +3,6 @@ package com.tiesheng.role.config;
|
||||
import cn.hutool.core.collection.CollUtil;
|
||||
import cn.hutool.core.util.StrUtil;
|
||||
import com.tiesheng.annotation.role.RoleAuthority;
|
||||
import com.tiesheng.role.mapper.CoreRoleUserMapper;
|
||||
import com.tiesheng.role.pojos.dao.CoreRoleAuthority;
|
||||
import com.tiesheng.util.ServletKit;
|
||||
import com.tiesheng.util.config.TsTokenConfig;
|
||||
import com.tiesheng.util.exception.ApiException;
|
||||
@@ -37,35 +35,42 @@ public class RoleAuthorityAspect {
|
||||
/**
|
||||
* 获取
|
||||
*/
|
||||
@Before("@annotation(com.tiesheng.annotation.role.RoleAuthority)")
|
||||
@Before("execution(* com..controller..*.*(..))")
|
||||
public void before(JoinPoint joinPoint) {
|
||||
MethodSignature signature = (MethodSignature) joinPoint.getSignature();
|
||||
|
||||
RoleAuthority classAnnotation = joinPoint.getTarget().getClass().getAnnotation(RoleAuthority.class);
|
||||
RoleAuthority annotation = signature.getMethod().getAnnotation(RoleAuthority.class);
|
||||
if (classAnnotation == null || annotation == null) {
|
||||
if (classAnnotation == null) {
|
||||
return;
|
||||
}
|
||||
|
||||
HttpServletRequest request = ServletKit.getRequest();
|
||||
TokenBean tokenBean = tsTokenConfig.validToken(request, true);
|
||||
|
||||
String authority = StrUtil.join("_", classAnnotation.group(),
|
||||
classAnnotation.value(), annotation.value());
|
||||
|
||||
String cacheKey = StrUtil.format(CACHE_HAS_AUTHORITY, tokenBean.getRoleId(), tokenBean.getId());
|
||||
List<String> authorityList = StrUtil.split(TsCacheService.of().get(cacheKey), ";")
|
||||
.stream().filter(StrUtil::isNotEmpty).collect(Collectors.toList());
|
||||
|
||||
if (CollUtil.isEmpty(authorityList)) {
|
||||
authorityList = tsAuthorityHandler.getAuthorities(tokenBean);
|
||||
if (CollUtil.isNotEmpty(authorityList)) {
|
||||
TsCacheService.of().put(cacheKey, StrUtil.join(";", authorityList));
|
||||
}
|
||||
}
|
||||
if (!CollUtil.contains(authorityList, authority)) {
|
||||
throw new ApiException(403, "您无权访问");
|
||||
|
||||
String authority = StrUtil.join("_", classAnnotation.group(), classAnnotation.value());
|
||||
MethodSignature signature = (MethodSignature) joinPoint.getSignature();
|
||||
RoleAuthority annotation = signature.getMethod().getAnnotation(RoleAuthority.class);
|
||||
if (annotation != null) {
|
||||
// 检查是否是功能点的权限
|
||||
if (CollUtil.contains(authorityList, StrUtil.join("_", authority, annotation.value()))) {
|
||||
return;
|
||||
}
|
||||
} else {
|
||||
// 检查是否是菜单级别的权限
|
||||
if (CollUtil.contains(authorityList, authority)) {
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
throw new ApiException(403, "您无权访问");
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
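Review bot: Enforcement in `before` now depends on a package naming convention rather than on the annotation. What appears to be the new pointcut, `execution(* com..controller..*.*(..))`, no longer reaches a `@RoleAuthority` method that lives outside a `controller` package, and the `if (classAnnotation == null) { return; }` guard lets a method-level `@RoleAuthority` on an unannotated class pass with no token validation or authority check. I would bind the advice to the annotation instead, e.g. `@Before("@within(com.tiesheng.annotation.role.RoleAuthority) || @annotation(com.tiesheng.annotation.role.RoleAuthority)")`. When the method is annotated but the class is not, throw the 403 (or fail at startup) so that a misconfiguration fails closed. The +/- markers are lost on this page, so the old/new split is inferred from the hunk counts, and the class begins outside the hunk.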
@@ -1,6 +1,5 @@
|
||||
package com.tiesheng.role.service;
|
||||
|
||||
import cn.hutool.core.collection.CollUtil;
|
||||
import cn.hutool.core.util.StrUtil;
|
||||
import com.tiesheng.annotation.role.RoleAuthority;
|
||||
import com.tiesheng.role.mapper.CoreRoleAuthorityMapper;
|
||||
@@ -29,7 +28,7 @@ public class RoleAuthorityHandler implements TsAuthorityHandler {
|
||||
|
||||
@Override
|
||||
public void addRoleAuthority(RoleAuthority menu, List<RoleAuthority> points) {
|
||||
if (menu.group().length == 0 || CollUtil.isEmpty(points)) {
|
||||
if (menu.group().length == 0) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
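Review bot: With the `CollUtil.isEmpty(points)` half of the guard in `addRoleAuthority` apparently dropped, a null or empty `points` now reaches the rest of the method, which continues outside this hunk. The old check also covered null, so anything below that iterates or streams `points` may now throw instead of returning quietly. If menu-only registration is the intent, normalize it up front, e.g. `List<RoleAuthority> safePoints = points == null ? Collections.emptyList() : points;`. Also state in the method's Javadoc that `points` may be empty when only the menu-level authority is being registered.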