通信LIMS后端
blame | 历史 | 原始文档
zss
2025-02-17 087991c76f078defe5eb55d84223021b4199fb3d 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67

package com.yuanchu.mom.config;


 


import cn.hutool.json.JSONObject;


import cn.hutool.json.JSONUtil;


import com.alibaba.fastjson.JSON;


import com.yuanchu.mom.annotation.ValueAuth;


import com.yuanchu.mom.annotation.ValueClassify;


import com.yuanchu.mom.exception.ErrorException;


import com.yuanchu.mom.exception.MyFileException;


import com.yuanchu.mom.mapper.AuthMapper;


import com.yuanchu.mom.utils.JackSonUtil;


import com.yuanchu.mom.utils.Jwt;


import com.yuanchu.mom.utils.ServletUtils;


import org.apache.catalina.User;


import org.springframework.stereotype.Component;


import org.springframework.web.method.HandlerMethod;


import org.springframework.web.servlet.HandlerInterceptor;


import org.springframework.web.servlet.ModelAndView;


 


import javax.annotation.Resource;


import javax.servlet.http.HttpServletRequest;


import javax.servlet.http.HttpServletResponse;


import java.util.Map;


 


@Component


public class PowerConfig implements HandlerInterceptor {


 


    @Resource


    private AuthMapper authMapper;


 


    @Override


    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {


        if(handler instanceof HandlerMethod) {


            if(request.getRequestURL().toString().contains("/error") || request.getRequestURL().toString().contains("/outPath")){


                return HandlerInterceptor.super.preHandle(request, response, handler);


            }


            HandlerMethod h = (HandlerMethod)handler;


            ValueAuth annotation = h.getMethodAnnotation(ValueAuth.class);


            if(annotation!=null){


                return HandlerInterceptor.super.preHandle(request, response, handler);


            }


            JSONObject obj = JSONUtil.parseObj(new Jwt().readJWT(request.getHeader("token")).get("data"));


            Integer userId = Integer.parseInt(obj.get("id") + "");


            int i = authMapper.isPower(userId, h.getMethod().getName());


            if (i == 0){


                // 判断是否有权限注解


                ValueClassify valueClassify = h.getMethodAnnotation(ValueClassify.class);


                if (valueClassify == null) {


                    return HandlerInterceptor.super.preHandle(request, response, handler);


                }


                throw new ErrorException(obj.get("name") + " 无权限访问 " + h.getMethod().getName() + " 接口");


            }


        }


        return HandlerInterceptor.super.preHandle(request, response, handler);


    }


 


    @Override


    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {


        HandlerInterceptor.super.postHandle(request, response, handler, modelAndView);


    }


 


    @Override


    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {


        HandlerInterceptor.super.afterCompletion(request, response, handler, ex);


 


    }


}