From b661f37beac05fefc728215fbbd36aabf974516a Mon Sep 17 00:00:00 2001 From: Fixiaobai <fixiaobai@163.com> Date: 星期一, 28 八月 2023 13:29:48 +0800 Subject: [PATCH] 权限修改3.0 --- sys/src/main/java/com/yuanchu/limslaboratory/aop/AuthRequestAspect.java | 98 +++++++++++++++++++++++++----------------------- user-server/src/main/java/com/yuanchu/limslaboratory/service/impl/UserServiceImpl.java | 5 ++ sys/src/test/java/com/yuanchu/limslaboratory/SysApplicationTests.java | 6 +++ user-server/src/main/java/com/yuanchu/limslaboratory/clients/UserLoginUtils.java | 2 + user-server/src/main/resources/mapper/UserMapper.xml | 1 5 files changed, 65 insertions(+), 47 deletions(-) diff --git a/sys/src/main/java/com/yuanchu/limslaboratory/aop/AuthRequestAspect.java b/sys/src/main/java/com/yuanchu/limslaboratory/aop/AuthRequestAspect.java index fd0b5fe..aab1b80 100644 --- a/sys/src/main/java/com/yuanchu/limslaboratory/aop/AuthRequestAspect.java +++ b/sys/src/main/java/com/yuanchu/limslaboratory/aop/AuthRequestAspect.java @@ -37,6 +37,8 @@ public void pointCut() { } + private final static String ADMIN = "c3284d0f94606de1fd2af172aba15bf3"; + @Resource private UserService userService; 
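Review bot: The new `ADMIN` constant makes super-admin status depend on a hard-coded digest that is compared with `sessionLayerId`, and the `UserLoginUtils` hunk later in this patch computes that value as `SecureUtil.md5(SecureUtil.md5(user.getAccount()))`, an unsalted function of a non-secret account name. Privilege therefore follows from what an account is called rather than from a role or flag on the user record, and it quietly relies on account names being unique, immutable and not user-choosable, none of which is visible in this patch. Prefer an explicit server-side attribute (for example a dedicated role id or a boolean column on the user row) as the bypass condition. If the constant stays, document it with a comment such as `// digest of the built-in super-admin account; a match skips every URL permission check in before()`. The conventional modifier order is `private static final`.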
@@ -47,57 +49,59 @@ @SneakyThrows @Before("pointCut()") public void before(JoinPoint joinPoint) { - Class<?> clazz = joinPoint.getTarget().getClass(); - String clazzName = joinPoint.getTarget().getClass().getName(); - // 鑾峰彇璁块棶鐨勬柟娉曞悕 - String methodName = joinPoint.getSignature().getName(); - // 鑾峰彇鏂规硶鎵�鏈夊弬鏁板強鍏剁被鍨� - Class[] argClz = ((MethodSignature) joinPoint.getSignature()).getParameterTypes(); - // 鑾峰彇璁块棶鐨勬柟娉曞璞� - Method method = clazz.getDeclaredMethod(methodName, argClz); - //鑾峰彇绫讳笂璇锋眰鍦板潃 - RequestMapping annotation = clazz.getAnnotation(RequestMapping.class); - StringBuilder builder = new StringBuilder(); - String apiInfo=null; - builder.append(annotation.value()[0]); - //鑾峰彇鏂规硶涓婃敞瑙� - if (method.isAnnotationPresent(PostMapping.class)) { - PostMapping post = method.getAnnotation(PostMapping.class); - builder.append(post.value()[0]); - } - if (method.isAnnotationPresent(GetMapping.class)) { - GetMapping get = method.getAnnotation(GetMapping.class); - builder.append(get.value()[0]); - } - if (method.isAnnotationPresent(DeleteMapping.class)) { - DeleteMapping delete = method.getAnnotation(DeleteMapping.class); - builder.append(delete.value()[0]); - } - if (method.isAnnotationPresent(PutMapping.class)) { - PutMapping put = method.getAnnotation(PutMapping.class); - builder.append(put.value()[0]); - } - if (method.isAnnotationPresent(ApiOperation.class)) { - ApiOperation api = method.getAnnotation(ApiOperation.class); - apiInfo=api.value(); - } HttpServletRequest request = ServletUtils.getRequest(); Map<String, Object> userInfo = userService.getUserInfo(request.getHeader("X-Token")); - if(Objects.nonNull(userInfo)){ - String roleId = String.valueOf(userInfo.get("roleId")); - Map<String, Object> urlType = roleService.getUrlType(builder.toString()); - log.info("鎷︽埅璇锋眰----------------銆�"+builder); - boolean b = roleService.hasUrl(String.valueOf(urlType.get("type")), String.valueOf(urlType.get("menuId")), roleId); - if(!b){ - 
log.warn("鐢ㄦ埛/id锛�"+userInfo.get("name")+"/"+userInfo.get("id")+"---------鏉冮檺涓嶈冻锛屽凡鎷︽埅锛�"); - //throw new AuthException("400","鏃犳潈闄�"); - } - }else { - throw new AuthException("401","鐧婚檰杩囨湡"); + if (Objects.nonNull(userInfo)) { + if (Objects.equals(userInfo.get("sessionLayerId"), ADMIN)) { + log.info("瓒呯骇绠$悊鍛橈紝鏃犻渶鎷︽埅锛�"); + return; + } + Class<?> clazz = joinPoint.getTarget().getClass(); + String clazzName = joinPoint.getTarget().getClass().getName(); + // 鑾峰彇璁块棶鐨勬柟娉曞悕 + String methodName = joinPoint.getSignature().getName(); + // 鑾峰彇鏂规硶鎵�鏈夊弬鏁板強鍏剁被鍨� + Class[] argClz = ((MethodSignature) joinPoint.getSignature()).getParameterTypes(); + // 鑾峰彇璁块棶鐨勬柟娉曞璞� + Method method = clazz.getDeclaredMethod(methodName, argClz); + //鑾峰彇绫讳笂璇锋眰鍦板潃 + RequestMapping annotation = clazz.getAnnotation(RequestMapping.class); + StringBuilder builder = new StringBuilder(); + String apiInfo = null; + builder.append(annotation.value()[0]); + //鑾峰彇鏂规硶涓婃敞瑙� + if (method.isAnnotationPresent(PostMapping.class)) { + PostMapping post = method.getAnnotation(PostMapping.class); + builder.append(post.value()[0]); + } + if (method.isAnnotationPresent(GetMapping.class)) { + GetMapping get = method.getAnnotation(GetMapping.class); + builder.append(get.value()[0]); + } + if (method.isAnnotationPresent(DeleteMapping.class)) { + DeleteMapping delete = method.getAnnotation(DeleteMapping.class); + builder.append(delete.value()[0]); + } + if (method.isAnnotationPresent(PutMapping.class)) { + PutMapping put = method.getAnnotation(PutMapping.class); + builder.append(put.value()[0]); + } + if (method.isAnnotationPresent(ApiOperation.class)) { + ApiOperation api = method.getAnnotation(ApiOperation.class); + apiInfo = api.value(); + } + String roleId = String.valueOf(userInfo.get("roleId")); + Map<String, Object> urlType = roleService.getUrlType(builder.toString()); + log.info("鎷︽埅璇锋眰----------------銆�" + builder); + boolean b = roleService.hasUrl(String.valueOf(urlType.get("type")), 
String.valueOf(urlType.get("menuId")), roleId); + if (!b) { + log.warn("鐢ㄦ埛/id锛�" + userInfo.get("name") + "/" + userInfo.get("id") + "---------鏉冮檺涓嶈冻锛屽凡鎷︽埅锛�"); + //throw new AuthException("400","鏃犳潈闄�"); + } + } else { + throw new AuthException("401", "鐧婚檰杩囨湡"); } } - - } diff --git a/sys/src/test/java/com/yuanchu/limslaboratory/SysApplicationTests.java b/sys/src/test/java/com/yuanchu/limslaboratory/SysApplicationTests.java index 86e81c4..7a583c9 100644 --- a/sys/src/test/java/com/yuanchu/limslaboratory/SysApplicationTests.java +++ b/sys/src/test/java/com/yuanchu/limslaboratory/SysApplicationTests.java @@ -1,5 +1,6 @@ package com.yuanchu.limslaboratory; +import cn.hutool.crypto.SecureUtil; import com.yuanchu.limslaboratory.mapper.OrganizationalMapper; import com.yuanchu.limslaboratory.service.PlanService; import com.yuanchu.limslaboratory.service.UserService; @@ -40,6 +41,11 @@ } @Test + void TT2(){ + System.out.println(SecureUtil.md5(SecureUtil.md5("account"))); + } + + @Test void uploading() { // 鏇挎崲涓篸oc鎴杁ocx鏂囦欢鐨勮矾寰� String filePath = "D:\\20892\\desktop\\QR-14-01-02+++鍐呴儴瀹℃牳骞村害璁″垝.doc"; diff --git a/user-server/src/main/java/com/yuanchu/limslaboratory/clients/UserLoginUtils.java b/user-server/src/main/java/com/yuanchu/limslaboratory/clients/UserLoginUtils.java index 7159e84..e5dcb47 100644 --- a/user-server/src/main/java/com/yuanchu/limslaboratory/clients/UserLoginUtils.java +++ b/user-server/src/main/java/com/yuanchu/limslaboratory/clients/UserLoginUtils.java @@ -1,5 +1,6 @@ package com.yuanchu.limslaboratory.clients; +import cn.hutool.crypto.SecureUtil; import com.yuanchu.limslaboratory.mapper.RoleManageMapper; import com.yuanchu.limslaboratory.mapper.UserMapper; import com.yuanchu.limslaboratory.pojo.Menu; 
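Review bot: In the rewritten `before()` the `if (!b)` branch still only calls `log.warn(...)` while `//throw new AuthException("400", ...)` stays commented out, so a role that fails `roleService.hasUrl(...)` is logged and then allowed through; only a missing session is rejected. If the aspect is meant to enforce permissions, restore the throw in that branch (`throw new AuthException("400", "<message>");`), otherwise state in a comment that the check is audit-only. The new early `return` for the admin digest logs a fixed string without `userInfo.get("id")` or the target method, so bypassed calls leave no usable audit trail. `annotation.value()[0]` and `urlType.get(...)` are dereferenced without null checks, which under `@SneakyThrows` turns an unmapped controller or unknown URL into an unexplained exception instead of a clear denial.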
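Review bot: `TT2()` asserts nothing and only prints `SecureUtil.md5(SecureUtil.md5("account"))` to stdout, so it passes whatever the result is. If it exists to record how the `sessionLayerId` digest is derived, give it a descriptive name and an assertion against the expected value, or move the calculation out of the test suite. The enclosing test class continues outside the hunk.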
@@ -51,6 +52,7 @@ mapRedis.put("name", user.getName()); mapRedis.put("enterpriseId", user.getEnterpriseId()); mapRedis.put("data", data); + mapRedis.put("sessionLayerId", SecureUtil.md5(SecureUtil.md5(user.getAccount()))); mapRedis.put("roleId",user.getRoleId()); //瀛樺叆redis,浜屼釜灏忔椂鍚庡垹闄� RedisUtil.set(token, mapRedis, 120); diff --git a/user-server/src/main/java/com/yuanchu/limslaboratory/service/impl/UserServiceImpl.java b/user-server/src/main/java/com/yuanchu/limslaboratory/service/impl/UserServiceImpl.java index 9ec7650..a30ccda 100644 --- a/user-server/src/main/java/com/yuanchu/limslaboratory/service/impl/UserServiceImpl.java +++ b/user-server/src/main/java/com/yuanchu/limslaboratory/service/impl/UserServiceImpl.java @@ -58,9 +58,11 @@ } Map<String, Object> data = new HashMap<>(); data.put("name",loginUser.get("name")); + data.put("account", loginUser.get("account")); data.put("id",loginUser.get("id")); data.put("roleId",loginUser.get("roleId")); data.put("remind", remind); + data.put("sessionLayerId",loginUser.get("sessionLayerId")); RoleAndMenuDto role = getRoleInfo(Long.valueOf(String.valueOf(loginUser.get("roleId")))); data.put("role",role); return data; @@ -148,6 +150,9 @@ public RoleAndMenuDto getRoleInfo(Long roleId) { + if(roleId==0){ + return null; + } RoleAndMenuDto roleAndMenuDto = roleManageMapper.selectAllRoleAndMenuByRoleId(roleId); List<RoleMenu> collect = roleAndMenuDto.getRoleMenuList() .stream() diff --git a/user-server/src/main/resources/mapper/UserMapper.xml b/user-server/src/main/resources/mapper/UserMapper.xml index 039f57c..748e1ca 100644 --- a/user-server/src/main/resources/mapper/UserMapper.xml +++ b/user-server/src/main/resources/mapper/UserMapper.xml @@ -33,6 +33,7 @@ <if test="status != null"> AND u.`job_state` in (#{status}) </if> + and type=1 ORDER BY u.`create_time` DESC </select> -- Gitblit v1.9.3
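Review bot: The added `data.put("sessionLayerId", loginUser.get("sessionLayerId"))` copies the value that `AuthRequestAspect` compares for its admin bypass into the map this method returns. If that map is also serialized to the client (the callers are not visible here), the marker and the `account` are disclosed to every logged-in user with no visible benefit. Consider giving the aspect an internal accessor for `sessionLayerId` and keeping it out of this map, or add a comment such as `// internal use only: never return this map from a controller`. The method starts outside the hunk.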
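Review bot: `getRoleInfo` now returns `null` for `roleId == 0`, which changes the contract of a public method without documenting it; any caller that dereferences the result (callers other than the `data.put("role", role)` in the previous hunk are outside this patch) would fail with a NullPointerException. `roleId==0` on a `Long` also unboxes, so a null argument now fails at this comparison instead of reaching the mapper. Add Javadoc saying what role id 0 stands for and that null is returned, e.g. `@return the role with its menus, or null when roleId is 0`, and consider `Long.valueOf(0L).equals(roleId)` for the comparison. The context line `roleAndMenuDto.getRoleMenuList()` has the same exposure if the mapper finds no row for the id.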
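Review bot: The added `and type=1` is the only predicate shown that is written without the `u.` alias and with a bare literal. If the statement joins another table that also has a `type` column the reference becomes ambiguous, and nothing in the hunk says what `1` means. Write it as `AND u.type = 1` and put an XML comment above it naming the accounts this filter excludes. The select starts outside the hunk, so whether a join is present cannot be confirmed from here.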