Fixiaobai
2023-08-28 1865de1cd0255f7c42a326018a8cc3b5a1ee5253
sys/src/main/java/com/yuanchu/limslaboratory/aop/AuthRequestAspect.java
@@ -1,30 +1,28 @@
package com.yuanchu.limslaboratory.aop;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.yuanchu.limslaboratory.annotation.RequestInfo;
import com.yuanchu.limslaboratory.annotation.AuthHandler;
import com.yuanchu.limslaboratory.exception.AuthException;
import com.yuanchu.limslaboratory.pojo.User;
import com.yuanchu.limslaboratory.service.RoleManagerService;
import com.yuanchu.limslaboratory.service.UserService;
import com.yuanchu.limslaboratory.utils.ServletUtils;
import com.yuanchu.limslaboratory.vo.Result;
import io.swagger.annotations.ApiOperation;
import lombok.SneakyThrows;
import lombok.extern.slf4j.Slf4j;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.annotation.Pointcut;
import org.aspectj.lang.reflect.MethodSignature;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.bind.annotation.*;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.lang.annotation.Annotation;
import java.lang.reflect.Method;
import java.nio.charset.StandardCharsets;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.Objects;
/**
 * @Author 张宾
@@ -35,17 +33,20 @@
@Aspect
public class AuthRequestAspect {
    @Pointcut("@annotation(com.yuanchu.limslaboratory.annotation.RequestInfo)")
    @Pointcut("@annotation(com.yuanchu.limslaboratory.annotation.AuthHandler)")
    public void pointCut() {
    }
    //private ThreadLocal<ConcurrentHashMap<String, Map>> threadLocal;
    @Resource
    private UserService userService;
    @Resource
    private RoleManagerService roleService;
    @SneakyThrows
    @Before("pointCut()")
    public void before(JoinPoint joinPoint) {
        HttpServletRequest request = ServletUtils.getRequest();
        log.info("拦截=====》"+request.getServletPath());
        Class<?> clazz = joinPoint.getTarget().getClass();
        String clazzName = joinPoint.getTarget().getClass().getName();
        // 获取访问的方法名
@@ -54,14 +55,47 @@
        Class[] argClz = ((MethodSignature) joinPoint.getSignature()).getParameterTypes();
        // 获取访问的方法对象
        Method method = clazz.getDeclaredMethod(methodName, argClz);
        // 判断当前访问的方法是否存在指定注解
        if (method.isAnnotationPresent(RequestInfo.class)) {
            RequestInfo annotation = method.getAnnotation(RequestInfo.class);
            System.out.println(annotation.name());
            System.out.println(annotation.type());
        //获取类上请求地址
        RequestMapping annotation = clazz.getAnnotation(RequestMapping.class);
        StringBuilder builder = new StringBuilder();
        String apiInfo=null;
        builder.append(annotation.value()[0]);
        //获取方法上注解
        if (method.isAnnotationPresent(PostMapping.class)) {
            PostMapping post = method.getAnnotation(PostMapping.class);
            builder.append(post.value()[0]);
        }
        if (method.isAnnotationPresent(GetMapping.class)) {
            GetMapping get = method.getAnnotation(GetMapping.class);
            builder.append(get.value()[0]);
        }
        if (method.isAnnotationPresent(DeleteMapping.class)) {
            DeleteMapping delete = method.getAnnotation(DeleteMapping.class);
            builder.append(delete.value()[0]);
        }
        if (method.isAnnotationPresent(PutMapping.class)) {
            PutMapping put = method.getAnnotation(PutMapping.class);
            builder.append(put.value()[0]);
        }
        if (method.isAnnotationPresent(ApiOperation.class)) {
            ApiOperation api = method.getAnnotation(ApiOperation.class);
            apiInfo=api.value();
        }
        HttpServletRequest request = ServletUtils.getRequest();
        Map<String, Object> userInfo = userService.getUserInfo(request.getHeader("X-Token"));
        if(Objects.nonNull(userInfo)){
        String roleId = String.valueOf(userInfo.get("roleId"));
        Map<String, Object> urlType = roleService.getUrlType(builder.toString());
        log.info("拦截请求----------------》"+builder);
        boolean b = roleService.hasUrl(String.valueOf(urlType.get("type")), String.valueOf(urlType.get("menuId")), roleId);
        if(!b){
            log.warn("用户/id:"+userInfo.get("name")+"/"+userInfo.get("id")+"---------权限不足,已拦截!");
        //throw new AuthException("400","无权限");
    }
        }else {
            throw new AuthException("401","登陆过期");
        }
    }
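Review bot: In the `if(!b)` branch at the end of `before()`, the rejection `//throw new AuthException("400","无权限");` is commented out, so a user whose role lacks the URL only produces a "权限不足,已拦截" warning and the controller method still runs; the permission check fails open for any request with a valid `X-Token`. Restore the throw so the advice actually stops the join point: `if (!b) { throw new AuthException("400", "无权限"); }`. The result of `roleService.getUrlType(builder.toString())` is also dereferenced without a null check; if it can return null for a URL that is not registered (not visible here), the request ends in a NullPointerException instead of an explicit denial, so an explicit deny for unknown URLs would be safer, e.g. `if (urlType == null) { throw new AuthException("400", "无权限"); }`. `before()` begins in the previous hunk and the lines between the hunks are not shown.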