From ec2e96236b9a78d3a1a98aaed399be685222ca7a Mon Sep 17 00:00:00 2001 From: sxu <602087911@qq.com> Date: Sun, 29 Sep 2024 10:26:40 +0800 Subject: [PATCH] =?UTF-8?q?=E8=8F=9C=E5=8D=95=E9=89=B4=E6=9D=83=EF=BC=8C?= =?UTF-8?q?=E7=BD=91=E9=A1=B5=E4=B8=8B=E6=8B=89=E4=B8=8D=E9=89=B4=E6=9D=83?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../bonus/sgzb/base/api/domain/SysDic.java | 13 +++++++++++ .../security/aspect/PreAuthorizeAspect.java | 22 +++++++++++++++++-- 2 files changed, 33 insertions(+), 2 deletions(-) diff --git a/sgzb-api/sgzb-api-system/src/main/java/com/bonus/sgzb/base/api/domain/SysDic.java b/sgzb-api/sgzb-api-system/src/main/java/com/bonus/sgzb/base/api/domain/SysDic.java index 1b7522d..ecf6281 100644 --- a/sgzb-api/sgzb-api-system/src/main/java/com/bonus/sgzb/base/api/domain/SysDic.java +++ b/sgzb-api/sgzb-api-system/src/main/java/com/bonus/sgzb/base/api/domain/SysDic.java @@ -57,6 +57,11 @@ public class SysDic extends BaseEntity { */ private String level; + /** + * o/null: 默认,需要鉴权, 1: 跳过鉴权 + */ + private Integer skipPermission; + /** * 状态 */ @@ -159,6 +164,14 @@ public class SysDic extends BaseEntity { return creator; } + public Integer getSkipPermission() { + return skipPermission; + } + + public void setSkipPermission(Integer skipPermission) { + this.skipPermission = skipPermission; + } + @Override public String toString() { return new ToStringBuilder(this, ToStringStyle.MULTI_LINE_STYLE) diff --git a/sgzb-common/sgzb-common-security/src/main/java/com/bonus/sgzb/common/security/aspect/PreAuthorizeAspect.java b/sgzb-common/sgzb-common-security/src/main/java/com/bonus/sgzb/common/security/aspect/PreAuthorizeAspect.java index cd7d078..305c023 100644 --- a/sgzb-common/sgzb-common-security/src/main/java/com/bonus/sgzb/common/security/aspect/PreAuthorizeAspect.java +++ b/sgzb-common/sgzb-common-security/src/main/java/com/bonus/sgzb/common/security/aspect/PreAuthorizeAspect.java @@ -2,6 +2,10 @@ package com.bonus.sgzb.common.security.aspect; import java.lang.reflect.Method; +import cn.hutool.json.JSONArray; +import cn.hutool.json.JSONObject; +import cn.hutool.json.JSONUtil; +import com.alibaba.fastjson2.JSON; import com.bonus.sgzb.common.security.auth.AuthUtil; import com.bonus.sgzb.common.security.annotation.RequiresRoles; import org.aspectj.lang.ProceedingJoinPoint; @@ -54,9 +58,23 @@ public class PreAuthorizeAspect @Around("pointcut()") public Object around(ProceedingJoinPoint joinPoint) throws Throwable { + //获取请求参数 + Object[] args = joinPoint.getArgs(); + String argStr = JSON.toJSONString(args); + JSONArray jsonArray = JSONUtil.parseArray(argStr); + boolean needPermission = true; + for (int i = 0; i < jsonArray.size(); i++) { + JSONObject jsonObject = jsonArray.getJSONObject(i); + if ("1".equals(jsonObject.getStr("skipPermission"))) { + needPermission = false; + } + } + // 注解鉴权 - MethodSignature signature = (MethodSignature) joinPoint.getSignature(); - checkMethodAnnotation(signature.getMethod()); + if (needPermission) { + MethodSignature signature = (MethodSignature) joinPoint.getSignature(); + checkMethodAnnotation(signature.getMethod()); + } try { // 执行原有逻辑