feat:增加权限校验
This commit is contained in:
@@ -7,6 +7,7 @@ import cn.hutool.poi.excel.ExcelUtil;
|
|||||||
import com.alibaba.excel.EasyExcel;
|
import com.alibaba.excel.EasyExcel;
|
||||||
import com.alibaba.excel.context.AnalysisContext;
|
import com.alibaba.excel.context.AnalysisContext;
|
||||||
import com.alibaba.excel.read.listener.ReadListener;
|
import com.alibaba.excel.read.listener.ReadListener;
|
||||||
|
import com.tiesheng.annotation.role.RoleAuthority;
|
||||||
import com.tiesheng.annotation.token.TokenIgnore;
|
import com.tiesheng.annotation.token.TokenIgnore;
|
||||||
import com.tiesheng.database.config.DbBackupConfig;
|
import com.tiesheng.database.config.DbBackupConfig;
|
||||||
import com.tiesheng.demo.pojos.PoiBean;
|
import com.tiesheng.demo.pojos.PoiBean;
|
||||||
@@ -39,6 +40,7 @@ import java.util.function.Consumer;
|
|||||||
*/
|
*/
|
||||||
@RestController
|
@RestController
|
||||||
@RequestMapping("/test")
|
@RequestMapping("/test")
|
||||||
|
@RoleAuthority(value = "test", group = "test")
|
||||||
public class TestController {
|
public class TestController {
|
||||||
|
|
||||||
@Autowired
|
@Autowired
|
||||||
@@ -67,28 +69,30 @@ public class TestController {
|
|||||||
|
|
||||||
@RequestMapping("/redirect")
|
@RequestMapping("/redirect")
|
||||||
@TokenIgnore
|
@TokenIgnore
|
||||||
public void redirect(HttpServletResponse response) {
|
@RoleAuthority("redirect")
|
||||||
|
public ApiResp<String> redirect(HttpServletResponse response) {
|
||||||
|
|
||||||
ArrayList<String> strings = CollUtil.newArrayList("11111", "22222");
|
// ArrayList<String> strings = CollUtil.newArrayList("11111", "22222");
|
||||||
coreLogService.addProcess("fdfd", strings, new ProcessImportConsumer<String>() {
|
// coreLogService.addProcess("fdfd", strings, new ProcessImportConsumer<String>() {
|
||||||
@Override
|
// @Override
|
||||||
public int accept(List<String> list) {
|
// public int accept(List<String> list) {
|
||||||
LogFactory.get().info("list: " + list.size());
|
// LogFactory.get().info("list: " + list.size());
|
||||||
return 0;
|
// return 0;
|
||||||
}
|
// }
|
||||||
|
//
|
||||||
@Override
|
// @Override
|
||||||
public String getFailFile() {
|
// public String getFailFile() {
|
||||||
LogFactory.get().info("getFailFile: " + strings.size());
|
// LogFactory.get().info("getFailFile: " + strings.size());
|
||||||
return null;
|
// return null;
|
||||||
}
|
// }
|
||||||
});
|
// });
|
||||||
|
//
|
||||||
LogFactory.get().info("strings: " + strings.size());
|
// LogFactory.get().info("strings: " + strings.size());
|
||||||
|
|
||||||
|
|
||||||
// tsTokenConfig.validToken("eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE2NzYwMDY4NzUsImlkIjoiMSIsImVudmlyb25tZW50VHlwZSI6Im1vYmlsZSIsInNlcnZpY2UiOiJjb250ZXN0LXJlc2VydmUiLCJleHRyYSI6IiJ9.nsfxEFpCNHC7eNCS5DJXdu1VDdnHrTjSfgrozND70Lc", true);
|
// tsTokenConfig.validToken("eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE2NzYwMDY4NzUsImlkIjoiMSIsImVudmlyb25tZW50VHlwZSI6Im1vYmlsZSIsInNlcnZpY2UiOiJjb250ZXN0LXJlc2VydmUiLCJleHRyYSI6IiJ9.nsfxEFpCNHC7eNCS5DJXdu1VDdnHrTjSfgrozND70Lc", true);
|
||||||
globalConfig.redirect("mobile", "/test", response);
|
// globalConfig.redirect("mobile", "/test", response);
|
||||||
|
return ApiResp.respOK("");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
@@ -7,8 +7,8 @@ spring:
|
|||||||
url: jdbc:mysql://47.96.30.85:3306/com_tiesheng_web?useSSL=false&useUnicode=true&characterEncoding=UTF-8&autoReconnect=true&queryTimeout=5400&allowMultiQueries=true&serverTimezone=GMT%2B8
|
url: jdbc:mysql://47.96.30.85:3306/com_tiesheng_web?useSSL=false&useUnicode=true&characterEncoding=UTF-8&autoReconnect=true&queryTimeout=5400&allowMultiQueries=true&serverTimezone=GMT%2B8
|
||||||
username: com_tiesheng_web
|
username: com_tiesheng_web
|
||||||
password: 4Xo$XheGFc
|
password: 4Xo$XheGFc
|
||||||
redis:
|
# redis:
|
||||||
url: redis://kyF0zUL3011111@47.96.30.85:6234
|
# url: redis://kyF0zUL3011111@47.96.30.85:6234
|
||||||
|
|
||||||
platform:
|
platform:
|
||||||
ding:
|
ding:
|
||||||
|
|||||||
@@ -3,8 +3,6 @@ package com.tiesheng.role.config;
|
|||||||
import cn.hutool.core.collection.CollUtil;
|
import cn.hutool.core.collection.CollUtil;
|
||||||
import cn.hutool.core.util.StrUtil;
|
import cn.hutool.core.util.StrUtil;
|
||||||
import com.tiesheng.annotation.role.RoleAuthority;
|
import com.tiesheng.annotation.role.RoleAuthority;
|
||||||
import com.tiesheng.role.mapper.CoreRoleUserMapper;
|
|
||||||
import com.tiesheng.role.pojos.dao.CoreRoleAuthority;
|
|
||||||
import com.tiesheng.util.ServletKit;
|
import com.tiesheng.util.ServletKit;
|
||||||
import com.tiesheng.util.config.TsTokenConfig;
|
import com.tiesheng.util.config.TsTokenConfig;
|
||||||
import com.tiesheng.util.exception.ApiException;
|
import com.tiesheng.util.exception.ApiException;
|
||||||
@@ -37,35 +35,42 @@ public class RoleAuthorityAspect {
|
|||||||
/**
|
/**
|
||||||
* 获取
|
* 获取
|
||||||
*/
|
*/
|
||||||
@Before("@annotation(com.tiesheng.annotation.role.RoleAuthority)")
|
@Before("execution(* com..controller..*.*(..))")
|
||||||
public void before(JoinPoint joinPoint) {
|
public void before(JoinPoint joinPoint) {
|
||||||
MethodSignature signature = (MethodSignature) joinPoint.getSignature();
|
|
||||||
|
|
||||||
RoleAuthority classAnnotation = joinPoint.getTarget().getClass().getAnnotation(RoleAuthority.class);
|
RoleAuthority classAnnotation = joinPoint.getTarget().getClass().getAnnotation(RoleAuthority.class);
|
||||||
RoleAuthority annotation = signature.getMethod().getAnnotation(RoleAuthority.class);
|
if (classAnnotation == null) {
|
||||||
if (classAnnotation == null || annotation == null) {
|
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
HttpServletRequest request = ServletKit.getRequest();
|
HttpServletRequest request = ServletKit.getRequest();
|
||||||
TokenBean tokenBean = tsTokenConfig.validToken(request, true);
|
TokenBean tokenBean = tsTokenConfig.validToken(request, true);
|
||||||
|
|
||||||
String authority = StrUtil.join("_", classAnnotation.group(),
|
|
||||||
classAnnotation.value(), annotation.value());
|
|
||||||
|
|
||||||
String cacheKey = StrUtil.format(CACHE_HAS_AUTHORITY, tokenBean.getRoleId(), tokenBean.getId());
|
String cacheKey = StrUtil.format(CACHE_HAS_AUTHORITY, tokenBean.getRoleId(), tokenBean.getId());
|
||||||
List<String> authorityList = StrUtil.split(TsCacheService.of().get(cacheKey), ";")
|
List<String> authorityList = StrUtil.split(TsCacheService.of().get(cacheKey), ";")
|
||||||
.stream().filter(StrUtil::isNotEmpty).collect(Collectors.toList());
|
.stream().filter(StrUtil::isNotEmpty).collect(Collectors.toList());
|
||||||
|
|
||||||
if (CollUtil.isEmpty(authorityList)) {
|
if (CollUtil.isEmpty(authorityList)) {
|
||||||
authorityList = tsAuthorityHandler.getAuthorities(tokenBean);
|
authorityList = tsAuthorityHandler.getAuthorities(tokenBean);
|
||||||
if (CollUtil.isNotEmpty(authorityList)) {
|
if (CollUtil.isNotEmpty(authorityList)) {
|
||||||
TsCacheService.of().put(cacheKey, StrUtil.join(";", authorityList));
|
TsCacheService.of().put(cacheKey, StrUtil.join(";", authorityList));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (!CollUtil.contains(authorityList, authority)) {
|
|
||||||
throw new ApiException(403, "您无权访问");
|
String authority = StrUtil.join("_", classAnnotation.group(), classAnnotation.value());
|
||||||
|
MethodSignature signature = (MethodSignature) joinPoint.getSignature();
|
||||||
|
RoleAuthority annotation = signature.getMethod().getAnnotation(RoleAuthority.class);
|
||||||
|
if (annotation != null) {
|
||||||
|
// 检查是否是功能点的权限
|
||||||
|
if (CollUtil.contains(authorityList, StrUtil.join("_", authority, annotation.value()))) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
// 检查是否是菜单级别的权限
|
||||||
|
if (CollUtil.contains(authorityList, authority)) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
throw new ApiException(403, "您无权访问");
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,6 +1,5 @@
|
|||||||
package com.tiesheng.role.service;
|
package com.tiesheng.role.service;
|
||||||
|
|
||||||
import cn.hutool.core.collection.CollUtil;
|
|
||||||
import cn.hutool.core.util.StrUtil;
|
import cn.hutool.core.util.StrUtil;
|
||||||
import com.tiesheng.annotation.role.RoleAuthority;
|
import com.tiesheng.annotation.role.RoleAuthority;
|
||||||
import com.tiesheng.role.mapper.CoreRoleAuthorityMapper;
|
import com.tiesheng.role.mapper.CoreRoleAuthorityMapper;
|
||||||
@@ -29,7 +28,7 @@ public class RoleAuthorityHandler implements TsAuthorityHandler {
|
|||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void addRoleAuthority(RoleAuthority menu, List<RoleAuthority> points) {
|
public void addRoleAuthority(RoleAuthority menu, List<RoleAuthority> points) {
|
||||||
if (menu.group().length == 0 || CollUtil.isEmpty(points)) {
|
if (menu.group().length == 0) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user