feat:增加权限校验

This commit is contained in:
曾文豪
2024-08-08 09:23:30 +08:00
parent 82d3f471f9
commit 5d4e97b206
4 changed files with 43 additions and 35 deletions

View File

@@ -7,6 +7,7 @@ import cn.hutool.poi.excel.ExcelUtil;
import com.alibaba.excel.EasyExcel; import com.alibaba.excel.EasyExcel;
import com.alibaba.excel.context.AnalysisContext; import com.alibaba.excel.context.AnalysisContext;
import com.alibaba.excel.read.listener.ReadListener; import com.alibaba.excel.read.listener.ReadListener;
import com.tiesheng.annotation.role.RoleAuthority;
import com.tiesheng.annotation.token.TokenIgnore; import com.tiesheng.annotation.token.TokenIgnore;
import com.tiesheng.database.config.DbBackupConfig; import com.tiesheng.database.config.DbBackupConfig;
import com.tiesheng.demo.pojos.PoiBean; import com.tiesheng.demo.pojos.PoiBean;
@@ -39,6 +40,7 @@ import java.util.function.Consumer;
*/ */
@RestController @RestController
@RequestMapping("/test") @RequestMapping("/test")
@RoleAuthority(value = "test", group = "test")
public class TestController { public class TestController {
@Autowired @Autowired
@@ -67,28 +69,30 @@ public class TestController {
@RequestMapping("/redirect") @RequestMapping("/redirect")
@TokenIgnore @TokenIgnore
public void redirect(HttpServletResponse response) { @RoleAuthority("redirect")
public ApiResp<String> redirect(HttpServletResponse response) {
ArrayList<String> strings = CollUtil.newArrayList("11111", "22222"); // ArrayList<String> strings = CollUtil.newArrayList("11111", "22222");
coreLogService.addProcess("fdfd", strings, new ProcessImportConsumer<String>() { // coreLogService.addProcess("fdfd", strings, new ProcessImportConsumer<String>() {
@Override // @Override
public int accept(List<String> list) { // public int accept(List<String> list) {
LogFactory.get().info("list: " + list.size()); // LogFactory.get().info("list: " + list.size());
return 0; // return 0;
} // }
//
@Override // @Override
public String getFailFile() { // public String getFailFile() {
LogFactory.get().info("getFailFile: " + strings.size()); // LogFactory.get().info("getFailFile: " + strings.size());
return null; // return null;
} // }
}); // });
//
LogFactory.get().info("strings: " + strings.size()); // LogFactory.get().info("strings: " + strings.size());
// tsTokenConfig.validToken("eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE2NzYwMDY4NzUsImlkIjoiMSIsImVudmlyb25tZW50VHlwZSI6Im1vYmlsZSIsInNlcnZpY2UiOiJjb250ZXN0LXJlc2VydmUiLCJleHRyYSI6IiJ9.nsfxEFpCNHC7eNCS5DJXdu1VDdnHrTjSfgrozND70Lc", true); // tsTokenConfig.validToken("eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE2NzYwMDY4NzUsImlkIjoiMSIsImVudmlyb25tZW50VHlwZSI6Im1vYmlsZSIsInNlcnZpY2UiOiJjb250ZXN0LXJlc2VydmUiLCJleHRyYSI6IiJ9.nsfxEFpCNHC7eNCS5DJXdu1VDdnHrTjSfgrozND70Lc", true);
globalConfig.redirect("mobile", "/test", response); // globalConfig.redirect("mobile", "/test", response);
return ApiResp.respOK("");
} }

View File

@@ -7,8 +7,8 @@ spring:
url: jdbc:mysql://47.96.30.85:3306/com_tiesheng_web?useSSL=false&useUnicode=true&characterEncoding=UTF-8&autoReconnect=true&queryTimeout=5400&allowMultiQueries=true&serverTimezone=GMT%2B8 url: jdbc:mysql://47.96.30.85:3306/com_tiesheng_web?useSSL=false&useUnicode=true&characterEncoding=UTF-8&autoReconnect=true&queryTimeout=5400&allowMultiQueries=true&serverTimezone=GMT%2B8
username: com_tiesheng_web username: com_tiesheng_web
password: 4Xo$XheGFc password: 4Xo$XheGFc
redis: # redis:
url: redis://kyF0zUL3011111@47.96.30.85:6234 # url: redis://kyF0zUL3011111@47.96.30.85:6234
platform: platform:
ding: ding:

View File

@@ -3,8 +3,6 @@ package com.tiesheng.role.config;
import cn.hutool.core.collection.CollUtil; import cn.hutool.core.collection.CollUtil;
import cn.hutool.core.util.StrUtil; import cn.hutool.core.util.StrUtil;
import com.tiesheng.annotation.role.RoleAuthority; import com.tiesheng.annotation.role.RoleAuthority;
import com.tiesheng.role.mapper.CoreRoleUserMapper;
import com.tiesheng.role.pojos.dao.CoreRoleAuthority;
import com.tiesheng.util.ServletKit; import com.tiesheng.util.ServletKit;
import com.tiesheng.util.config.TsTokenConfig; import com.tiesheng.util.config.TsTokenConfig;
import com.tiesheng.util.exception.ApiException; import com.tiesheng.util.exception.ApiException;
@@ -37,35 +35,42 @@ public class RoleAuthorityAspect {
/** /**
* 获取 * 获取
*/ */
@Before("@annotation(com.tiesheng.annotation.role.RoleAuthority)") @Before("execution(* com..controller..*.*(..))")
public void before(JoinPoint joinPoint) { public void before(JoinPoint joinPoint) {
MethodSignature signature = (MethodSignature) joinPoint.getSignature();
RoleAuthority classAnnotation = joinPoint.getTarget().getClass().getAnnotation(RoleAuthority.class); RoleAuthority classAnnotation = joinPoint.getTarget().getClass().getAnnotation(RoleAuthority.class);
RoleAuthority annotation = signature.getMethod().getAnnotation(RoleAuthority.class); if (classAnnotation == null) {
if (classAnnotation == null || annotation == null) {
return; return;
} }
HttpServletRequest request = ServletKit.getRequest(); HttpServletRequest request = ServletKit.getRequest();
TokenBean tokenBean = tsTokenConfig.validToken(request, true); TokenBean tokenBean = tsTokenConfig.validToken(request, true);
String authority = StrUtil.join("_", classAnnotation.group(),
classAnnotation.value(), annotation.value());
String cacheKey = StrUtil.format(CACHE_HAS_AUTHORITY, tokenBean.getRoleId(), tokenBean.getId()); String cacheKey = StrUtil.format(CACHE_HAS_AUTHORITY, tokenBean.getRoleId(), tokenBean.getId());
List<String> authorityList = StrUtil.split(TsCacheService.of().get(cacheKey), ";") List<String> authorityList = StrUtil.split(TsCacheService.of().get(cacheKey), ";")
.stream().filter(StrUtil::isNotEmpty).collect(Collectors.toList()); .stream().filter(StrUtil::isNotEmpty).collect(Collectors.toList());
if (CollUtil.isEmpty(authorityList)) { if (CollUtil.isEmpty(authorityList)) {
authorityList = tsAuthorityHandler.getAuthorities(tokenBean); authorityList = tsAuthorityHandler.getAuthorities(tokenBean);
if (CollUtil.isNotEmpty(authorityList)) { if (CollUtil.isNotEmpty(authorityList)) {
TsCacheService.of().put(cacheKey, StrUtil.join(";", authorityList)); TsCacheService.of().put(cacheKey, StrUtil.join(";", authorityList));
} }
} }
if (!CollUtil.contains(authorityList, authority)) {
throw new ApiException(403, "您无权访问"); String authority = StrUtil.join("_", classAnnotation.group(), classAnnotation.value());
MethodSignature signature = (MethodSignature) joinPoint.getSignature();
RoleAuthority annotation = signature.getMethod().getAnnotation(RoleAuthority.class);
if (annotation != null) {
// 检查是否是功能点的权限
if (CollUtil.contains(authorityList, StrUtil.join("_", authority, annotation.value()))) {
return;
}
} else {
// 检查是否是菜单级别的权限
if (CollUtil.contains(authorityList, authority)) {
return;
}
} }
throw new ApiException(403, "您无权访问");
} }
} }

View File

@@ -1,6 +1,5 @@
package com.tiesheng.role.service; package com.tiesheng.role.service;
import cn.hutool.core.collection.CollUtil;
import cn.hutool.core.util.StrUtil; import cn.hutool.core.util.StrUtil;
import com.tiesheng.annotation.role.RoleAuthority; import com.tiesheng.annotation.role.RoleAuthority;
import com.tiesheng.role.mapper.CoreRoleAuthorityMapper; import com.tiesheng.role.mapper.CoreRoleAuthorityMapper;
@@ -29,7 +28,7 @@ public class RoleAuthorityHandler implements TsAuthorityHandler {
@Override @Override
public void addRoleAuthority(RoleAuthority menu, List<RoleAuthority> points) { public void addRoleAuthority(RoleAuthority menu, List<RoleAuthority> points) {
if (menu.group().length == 0 || CollUtil.isEmpty(points)) { if (menu.group().length == 0) {
return; return;
} }