From 064457406bda554e713aea8bada1bb066be42b8e Mon Sep 17 00:00:00 2001
From: XiaoRuby <3114200645@qq.com>
Date: 星期六, 23 九月 2023 12:39:29 +0800
Subject: [PATCH] 9-23 去鵷雏管理端验证
---
sys/src/main/java/com/yuanchu/limslaboratory/aop/AuthRequestAspect.java | 97 ++++++++++++++++++++++++++++++++++-------------
1 files changed, 68 insertions(+), 29 deletions(-)
diff --git a/sys/src/main/java/com/yuanchu/limslaboratory/aop/AuthRequestAspect.java b/sys/src/main/java/com/yuanchu/limslaboratory/aop/AuthRequestAspect.java
index 4e6b38f..ed54614 100644
--- a/sys/src/main/java/com/yuanchu/limslaboratory/aop/AuthRequestAspect.java
+++ b/sys/src/main/java/com/yuanchu/limslaboratory/aop/AuthRequestAspect.java
@@ -1,30 +1,28 @@ package com.yuanchu.limslaboratory.aop; -import com.fasterxml.jackson.databind.ObjectMapper; -import com.yuanchu.limslaboratory.annotation.RequestInfo; +import com.yuanchu.limslaboratory.annotation.AuthHandler; import com.yuanchu.limslaboratory.exception.AuthException; +import com.yuanchu.limslaboratory.pojo.User; +import com.yuanchu.limslaboratory.service.RoleManagerService; +import com.yuanchu.limslaboratory.service.UserService; import com.yuanchu.limslaboratory.utils.ServletUtils; -import com.yuanchu.limslaboratory.vo.Result; import io.swagger.annotations.ApiOperation; import lombok.SneakyThrows; import lombok.extern.slf4j.Slf4j; import org.aspectj.lang.JoinPoint; -import org.aspectj.lang.ProceedingJoinPoint; -import org.aspectj.lang.annotation.Around; import org.aspectj.lang.annotation.Aspect; import org.aspectj.lang.annotation.Before; import org.aspectj.lang.annotation.Pointcut; import org.aspectj.lang.reflect.MethodSignature; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; +import org.springframework.web.bind.annotation.*; +import javax.annotation.Resource; import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import java.io.IOException; -import java.lang.annotation.Annotation; import java.lang.reflect.Method; -import java.nio.charset.StandardCharsets; import java.util.Map; -import java.util.concurrent.ConcurrentHashMap; +import java.util.Objects; /** * @Author 寮犲 
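Review bot: The new import list brings in names that the visible new code never uses: `com.yuanchu.limslaboratory.pojo.User` and `org.springframework.beans.factory.annotation.Autowired` (both services are injected with `@Resource`), while `AuthHandler` appears only inside the pointcut string. It also adds the wildcard `org.springframework.web.bind.annotation.*`, although only `RequestMapping`, `PostMapping`, `GetMapping`, `DeleteMapping` and `PutMapping` are referenced; listing those five explicitly keeps the dependencies of this authorization aspect easy to audit. A few lines of the file between the two hunks are not shown, so the unused-import observation should be checked against them.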
@@ -35,35 +33,76 @@ @Aspect public class AuthRequestAspect { - @Pointcut("@annotation(com.yuanchu.limslaboratory.annotation.RequestInfo)") + @Pointcut("@annotation(com.yuanchu.limslaboratory.annotation.AuthHandler)") public void pointCut() { } - //private ThreadLocal<ConcurrentHashMap<String, Map>> threadLocal; + private final static String ADMIN = "c3284d0f94606de1fd2af172aba15bf3"; + + + @Resource + private UserService userService; + + + @Resource + private RoleManagerService roleService; @SneakyThrows @Before("pointCut()") public void before(JoinPoint joinPoint) { HttpServletRequest request = ServletUtils.getRequest(); - log.info("鎷︽埅=====銆�"+request.getServletPath()); - Class<?> clazz = joinPoint.getTarget().getClass(); - String clazzName = joinPoint.getTarget().getClass().getName(); - // 鑾峰彇璁块棶鐨勬柟娉曞悕 - String methodName = joinPoint.getSignature().getName(); - // 鑾峰彇鏂规硶鎵�鏈夊弬鏁板強鍏剁被鍨� - Class[] argClz = ((MethodSignature) joinPoint.getSignature()).getParameterTypes(); - // 鑾峰彇璁块棶鐨勬柟娉曞璞� - Method method = clazz.getDeclaredMethod(methodName, argClz); - // 鍒ゆ柇褰撳墠璁块棶鐨勬柟娉曟槸鍚﹀瓨鍦ㄦ寚瀹氭敞瑙� - if (method.isAnnotationPresent(RequestInfo.class)) { - RequestInfo annotation = method.getAnnotation(RequestInfo.class); - System.out.println(annotation.name()); - System.out.println(annotation.type()); + Map<String, Object> userInfo = userService.getUserInfo(request.getHeader("X-Token")); + if (Objects.nonNull(userInfo)) { + if (Objects.equals(userInfo.get("sessionLayerId"), ADMIN)) { + log.info("瓒呯骇绠$悊鍛橈紝鏃犻渶鎷︽埅锛�"); + return; + } + Class<?> clazz = joinPoint.getTarget().getClass(); + String clazzName = joinPoint.getTarget().getClass().getName(); + // 鑾峰彇璁块棶鐨勬柟娉曞悕 + String methodName = joinPoint.getSignature().getName(); + // 鑾峰彇鏂规硶鎵�鏈夊弬鏁板強鍏剁被鍨� + Class[] argClz = ((MethodSignature) joinPoint.getSignature()).getParameterTypes(); + // 鑾峰彇璁块棶鐨勬柟娉曞璞� + Method method = clazz.getDeclaredMethod(methodName, argClz); + //鑾峰彇绫讳笂璇锋眰鍦板潃 + RequestMapping annotation = 
clazz.getAnnotation(RequestMapping.class); + StringBuilder builder = new StringBuilder(); + String apiInfo = null; + builder.append(annotation.value()[0]); + //鑾峰彇鏂规硶涓婃敞瑙� + if (method.isAnnotationPresent(PostMapping.class)) { + PostMapping post = method.getAnnotation(PostMapping.class); + builder.append(post.value()[0]); + } + if (method.isAnnotationPresent(GetMapping.class)) { + GetMapping get = method.getAnnotation(GetMapping.class); + builder.append(get.value()[0]); + } + if (method.isAnnotationPresent(DeleteMapping.class)) { + DeleteMapping delete = method.getAnnotation(DeleteMapping.class); + builder.append(delete.value()[0]); + } + if (method.isAnnotationPresent(PutMapping.class)) { + PutMapping put = method.getAnnotation(PutMapping.class); + builder.append(put.value()[0]); + } + if (method.isAnnotationPresent(ApiOperation.class)) { + ApiOperation api = method.getAnnotation(ApiOperation.class); + apiInfo = api.value(); + } + String roleId = String.valueOf(userInfo.get("roleId")); + Map<String, Object> urlType = roleService.getUrlType(builder.toString()); + log.info("鎷︽埅璇锋眰----------------銆�" + builder); + boolean b = roleService.hasUrl(String.valueOf(urlType.get("type")), String.valueOf(urlType.get("menuId")), roleId); + if (!b) { + log.warn("鐢ㄦ埛/id锛�" + userInfo.get("name") + "/" + userInfo.get("id") + "---------鏉冮檺涓嶈冻锛屽凡鎷︽埅锛�"); + throw new AuthException("400","鏃犳潈闄�"); + } + } else { + throw new AuthException("401", "鐧婚檰杩囨湡!"); } - //throw new AuthException("400","鏃犳潈闄�"); } - - } -- Gitblit v1.9.3
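Review bot: The permission decision in `before` rests on lookups that are never checked for absence: `clazz.getAnnotation(RequestMapping.class)` and `roleService.getUrlType(...)` can return null, each `value()[0]` fails on a mapping declared bare or through `path`, and a missing `roleId`, `type` or `menuId` reaches `roleService.hasUrl` as the string "null" through `String.valueOf`. The resulting exceptions do stop the call, but as an unhandled error rather than an `AuthException`, and what `hasUrl` returns for "null" arguments is not visible here, so the denial should be made explicit as in the excerpt below. Separately, the `ADMIN` shortcut skips every check when `sessionLayerId` equals a constant committed to the repository; this is only sound if `userService.getUserInfo` derives that field server-side from a verified token, which should be confirmed and recorded in a comment on the constant. `clazzName` and `apiInfo` are assigned but never read and can be dropped.

```java
            // … unchanged: token lookup, super-admin shortcut, method resolution …
            RequestMapping annotation = clazz.getAnnotation(RequestMapping.class);
            StringBuilder builder = new StringBuilder();
            // A controller without a class-level mapping (or with an empty one) contributes no prefix
            if (annotation != null && annotation.value().length > 0) {
                builder.append(annotation.value()[0]);
            }
            // … unchanged: per-verb mapping lookups; each value()[0] needs the same length guard …
            Object roleId = userInfo.get("roleId");
            Map<String, Object> urlType = roleService.getUrlType(builder.toString());
            // Deny when the URL is unmapped or the session carries no role, instead of passing "null" strings on
            boolean b = roleId != null
                    && urlType != null
                    && urlType.get("type") != null
                    && urlType.get("menuId") != null
                    && roleService.hasUrl(String.valueOf(urlType.get("type")), String.valueOf(urlType.get("menuId")), String.valueOf(roleId));
            // … unchanged: if (!b) log the refusal and throw AuthException …
```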