From ec2e96236b9a78d3a1a98aaed399be685222ca7a Mon Sep 17 00:00:00 2001 From: sxu <602087911@qq.com> Date: Sun, 29 Sep 2024 10:26:40 +0800 Subject: [PATCH 1/4] =?UTF-8?q?=E8=8F=9C=E5=8D=95=E9=89=B4=E6=9D=83?= =?UTF-8?q?=EF=BC=8C=E7=BD=91=E9=A1=B5=E4=B8=8B=E6=8B=89=E4=B8=8D=E9=89=B4?= =?UTF-8?q?=E6=9D=83?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../bonus/sgzb/base/api/domain/SysDic.java | 13 +++++++++++ .../security/aspect/PreAuthorizeAspect.java | 22 +++++++++++++++++-- 2 files changed, 33 insertions(+), 2 deletions(-) diff --git a/sgzb-api/sgzb-api-system/src/main/java/com/bonus/sgzb/base/api/domain/SysDic.java b/sgzb-api/sgzb-api-system/src/main/java/com/bonus/sgzb/base/api/domain/SysDic.java index 1b7522d..ecf6281 100644 --- a/sgzb-api/sgzb-api-system/src/main/java/com/bonus/sgzb/base/api/domain/SysDic.java +++ b/sgzb-api/sgzb-api-system/src/main/java/com/bonus/sgzb/base/api/domain/SysDic.java @@ -57,6 +57,11 @@ public class SysDic extends BaseEntity { */ private String level; + /** + * o/null: 默认,需要鉴权, 1: 跳过鉴权 + */ + private Integer skipPermission; + /** * 状态 */ @@ -159,6 +164,14 @@ public class SysDic extends BaseEntity { return creator; } + public Integer getSkipPermission() { + return skipPermission; + } + + public void setSkipPermission(Integer skipPermission) { + this.skipPermission = skipPermission; + } + @Override public String toString() { return new ToStringBuilder(this, ToStringStyle.MULTI_LINE_STYLE) diff --git a/sgzb-common/sgzb-common-security/src/main/java/com/bonus/sgzb/common/security/aspect/PreAuthorizeAspect.java b/sgzb-common/sgzb-common-security/src/main/java/com/bonus/sgzb/common/security/aspect/PreAuthorizeAspect.java index cd7d078..305c023 100644 --- a/sgzb-common/sgzb-common-security/src/main/java/com/bonus/sgzb/common/security/aspect/PreAuthorizeAspect.java +++ b/sgzb-common/sgzb-common-security/src/main/java/com/bonus/sgzb/common/security/aspect/PreAuthorizeAspect.java @@ -2,6 +2,10 @@ package com.bonus.sgzb.common.security.aspect; import java.lang.reflect.Method; +import cn.hutool.json.JSONArray; +import cn.hutool.json.JSONObject; +import cn.hutool.json.JSONUtil; +import com.alibaba.fastjson2.JSON; import com.bonus.sgzb.common.security.auth.AuthUtil; import com.bonus.sgzb.common.security.annotation.RequiresRoles; import org.aspectj.lang.ProceedingJoinPoint; @@ -54,9 +58,23 @@ public class PreAuthorizeAspect @Around("pointcut()") public Object around(ProceedingJoinPoint joinPoint) throws Throwable { + //获取请求参数 + Object[] args = joinPoint.getArgs(); + String argStr = JSON.toJSONString(args); + JSONArray jsonArray = JSONUtil.parseArray(argStr); + boolean needPermission = true; + for (int i = 0; i < jsonArray.size(); i++) { + JSONObject jsonObject = jsonArray.getJSONObject(i); + if ("1".equals(jsonObject.getStr("skipPermission"))) { + needPermission = false; + } + } + // 注解鉴权 - MethodSignature signature = (MethodSignature) joinPoint.getSignature(); - checkMethodAnnotation(signature.getMethod()); + if (needPermission) { + MethodSignature signature = (MethodSignature) joinPoint.getSignature(); + checkMethodAnnotation(signature.getMethod()); + } try { // 执行原有逻辑 From 8f772fd0f69a549489ffbcee54c683b589f0917a Mon Sep 17 00:00:00 2001 From: sxu <602087911@qq.com> Date: Sun, 29 Sep 2024 12:16:35 +0800 Subject: [PATCH 2/4] =?UTF-8?q?=E8=8F=9C=E5=8D=95=E9=89=B4=E6=9D=83?= =?UTF-8?q?=EF=BC=8C=E7=BD=91=E9=A1=B5=E4=B8=8B=E6=8B=89=E4=B8=8D=E9=89=B4?= =?UTF-8?q?=E6=9D=83?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../common/security/aspect/PreAuthorizeAspect.java | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/sgzb-common/sgzb-common-security/src/main/java/com/bonus/sgzb/common/security/aspect/PreAuthorizeAspect.java b/sgzb-common/sgzb-common-security/src/main/java/com/bonus/sgzb/common/security/aspect/PreAuthorizeAspect.java index 305c023..33dd763 100644 --- a/sgzb-common/sgzb-common-security/src/main/java/com/bonus/sgzb/common/security/aspect/PreAuthorizeAspect.java +++ b/sgzb-common/sgzb-common-security/src/main/java/com/bonus/sgzb/common/security/aspect/PreAuthorizeAspect.java @@ -1,6 +1,7 @@ package com.bonus.sgzb.common.security.aspect; import java.lang.reflect.Method; +import java.util.Objects; import cn.hutool.json.JSONArray; import cn.hutool.json.JSONObject; @@ -64,9 +65,12 @@ public class PreAuthorizeAspect JSONArray jsonArray = JSONUtil.parseArray(argStr); boolean needPermission = true; for (int i = 0; i < jsonArray.size(); i++) { - JSONObject jsonObject = jsonArray.getJSONObject(i); - if ("1".equals(jsonObject.getStr("skipPermission"))) { - needPermission = false; + Object obj = jsonArray.getObj(i); + if (Objects.nonNull(obj) && obj instanceof JSONObject) { + JSONObject jsonObject = (JSONObject) obj; + if ("1".equals(jsonObject.getStr("skipPermission"))) { + needPermission = false; + } } } From 019894f1112a80020303779af7e9b2a68134f632 Mon Sep 17 00:00:00 2001 From: sxu <602087911@qq.com> Date: Sun, 29 Sep 2024 12:16:50 +0800 Subject: [PATCH 3/4] =?UTF-8?q?storage=20log=20=E8=8F=9C=E5=8D=95=E9=89=B4?= =?UTF-8?q?=E6=9D=83?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../bonus/sgzb/system/controller/BmStorageLogController.java | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sgzb-modules/sgzb-system/src/main/java/com/bonus/sgzb/system/controller/BmStorageLogController.java b/sgzb-modules/sgzb-system/src/main/java/com/bonus/sgzb/system/controller/BmStorageLogController.java index 97af313..ab567b2 100644 --- a/sgzb-modules/sgzb-system/src/main/java/com/bonus/sgzb/system/controller/BmStorageLogController.java +++ b/sgzb-modules/sgzb-system/src/main/java/com/bonus/sgzb/system/controller/BmStorageLogController.java @@ -5,6 +5,7 @@ import com.bonus.sgzb.common.core.web.domain.AjaxResult; import com.bonus.sgzb.common.core.web.page.TableDataInfo; import com.bonus.sgzb.common.security.annotation.InnerAuth; import com.bonus.sgzb.base.api.domain.BmStorageLog; +import com.bonus.sgzb.common.security.annotation.RequiresPermissions; import com.bonus.sgzb.system.service.impl.BmStorageLogService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.*; @@ -26,6 +27,7 @@ public class BmStorageLogController extends BaseController { @Autowired private BmStorageLogService bmStorageLogService; + @RequiresPermissions("stock:log:list") @GetMapping("/list") public TableDataInfo list(BmStorageLog record) { startPage(); From c490ec515f1eb78ed21c9e9b5661ea88573af112 Mon Sep 17 00:00:00 2001 From: sxu <602087911@qq.com> Date: Sun, 29 Sep 2024 13:03:37 +0800 Subject: [PATCH 4/4] =?UTF-8?q?=E8=8F=9C=E5=8D=95=E9=89=B4=E6=9D=83?= =?UTF-8?q?=EF=BC=8C=E7=BD=91=E9=A1=B5=E4=B8=8B=E6=8B=89=E4=B8=8D=E9=89=B4?= =?UTF-8?q?=E6=9D=83?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../security/aspect/PreAuthorizeAspect.java | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/sgzb-common/sgzb-common-security/src/main/java/com/bonus/sgzb/common/security/aspect/PreAuthorizeAspect.java b/sgzb-common/sgzb-common-security/src/main/java/com/bonus/sgzb/common/security/aspect/PreAuthorizeAspect.java index 33dd763..ff3c219 100644 --- a/sgzb-common/sgzb-common-security/src/main/java/com/bonus/sgzb/common/security/aspect/PreAuthorizeAspect.java +++ b/sgzb-common/sgzb-common-security/src/main/java/com/bonus/sgzb/common/security/aspect/PreAuthorizeAspect.java @@ -60,10 +60,10 @@ public class PreAuthorizeAspect public Object around(ProceedingJoinPoint joinPoint) throws Throwable { //获取请求参数 + boolean needPermission = true; Object[] args = joinPoint.getArgs(); String argStr = JSON.toJSONString(args); JSONArray jsonArray = JSONUtil.parseArray(argStr); - boolean needPermission = true; for (int i = 0; i < jsonArray.size(); i++) { Object obj = jsonArray.getObj(i); if (Objects.nonNull(obj) && obj instanceof JSONObject) { @@ -75,10 +75,9 @@ public class PreAuthorizeAspect } // 注解鉴权 - if (needPermission) { - MethodSignature signature = (MethodSignature) joinPoint.getSignature(); - checkMethodAnnotation(signature.getMethod()); - } + MethodSignature signature = (MethodSignature) joinPoint.getSignature(); + checkMethodAnnotation(signature.getMethod(), needPermission); + try { // 执行原有逻辑 @@ -94,7 +93,7 @@ public class PreAuthorizeAspect /** * 对一个Method对象进行注解检查 */ - public void checkMethodAnnotation(Method method) + public void checkMethodAnnotation(Method method, boolean needPermission) { // 校验 @RequiresLogin 注解 RequiresLogin requiresLogin = method.getAnnotation(RequiresLogin.class); @@ -111,10 +110,11 @@ public class PreAuthorizeAspect } // 校验 @RequiresPermissions 注解 - RequiresPermissions requiresPermissions = method.getAnnotation(RequiresPermissions.class); - if (requiresPermissions != null) - { - AuthUtil.checkPermi(requiresPermissions); + if (needPermission) { + RequiresPermissions requiresPermissions = method.getAnnotation(RequiresPermissions.class); + if (requiresPermissions != null) { + AuthUtil.checkPermi(requiresPermissions); + } } } }