增加支持在请求里增加skipPermission 可以跳过权限验证

2024-10-23 15:49:12 +08:00 · 2024-10-23 15:49:12 +08:00 · daa8776312
parent 57b2a2f880
commit daa8776312
1 changed files with 27 additions and 14 deletions
--- a/bonus-common/bonus-common-security/src/main/java/com/bonus/common/security/auth/AuthLogic.java
+++ b/bonus-common/bonus-common-security/src/main/java/com/bonus/common/security/auth/AuthLogic.java
@ -1,10 +1,8 @@
 package com.bonus.common.security.auth;
-import java.util.Collection;
+import java.util.*;
 import java.util.HashSet;
 import java.util.Map;
 import java.util.Set;
 import cn.hutool.json.JSONObject;
 import com.bonus.common.core.constant.SecurityConstants;
 import com.bonus.common.core.domain.R;
 import com.bonus.common.core.utils.DateUtils;
@ -146,17 +144,32 @@ public class AuthLogic
     */
    public void checkPermi(RequiresPermissions requiresPermissions, ProceedingJoinPoint joinPoint)
    {
-        SecurityContextHolder.setPermission(StringUtils.join(requiresPermissions.value(), ","));
+        //获取请求参数
-        if (requiresPermissions.logical() == Logical.AND) {
+        boolean needPermission = true;
-            try{
+        Object[] args = joinPoint.getArgs();
-                checkPermiAnd(requiresPermissions.value());
+        for (int i = 0; i < args.length; i++) {
-            }catch (Exception e){
+            Object obj = args[i];
-                //记录越权日志
+            if (Objects.nonNull(obj) && obj instanceof JSONObject) {
-                addErrorLogs(joinPoint,requiresPermissions);
+                JSONObject jsonObject = (JSONObject) obj;
-                throw new NotPermissionException(requiresPermissions.value()[0]);
+                if ("1".equals(jsonObject.getStr("skipPermission"))) {
                    needPermission = false;
                }
            }
        }
        if (needPermission) {
            SecurityContextHolder.setPermission(StringUtils.join(requiresPermissions.value(), ","));
            if (requiresPermissions.logical() == Logical.AND) {
                try {
                    checkPermiAnd(requiresPermissions.value());
                } catch (Exception e) {
                    //记录越权日志
                    addErrorLogs(joinPoint, requiresPermissions);
                    throw new NotPermissionException(requiresPermissions.value()[0]);
                }
            } else {
                checkPermiOr(requiresPermissions.value());
            }
        } else {
            checkPermiOr(requiresPermissions.value());
        }
    }