Merge remote-tracking branch 'origin/master'
This commit is contained in:
commit
f158d87798
|
|
@ -57,6 +57,11 @@ public class SysDic extends BaseEntity {
|
||||||
*/
|
*/
|
||||||
private String level;
|
private String level;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* o/null: 默认,需要鉴权, 1: 跳过鉴权
|
||||||
|
*/
|
||||||
|
private Integer skipPermission;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 状态
|
* 状态
|
||||||
*/
|
*/
|
||||||
|
|
@ -159,6 +164,14 @@ public class SysDic extends BaseEntity {
|
||||||
return creator;
|
return creator;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public Integer getSkipPermission() {
|
||||||
|
return skipPermission;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setSkipPermission(Integer skipPermission) {
|
||||||
|
this.skipPermission = skipPermission;
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public String toString() {
|
public String toString() {
|
||||||
return new ToStringBuilder(this, ToStringStyle.MULTI_LINE_STYLE)
|
return new ToStringBuilder(this, ToStringStyle.MULTI_LINE_STYLE)
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,12 @@
|
||||||
package com.bonus.sgzb.common.security.aspect;
|
package com.bonus.sgzb.common.security.aspect;
|
||||||
|
|
||||||
import java.lang.reflect.Method;
|
import java.lang.reflect.Method;
|
||||||
|
import java.util.Objects;
|
||||||
|
|
||||||
|
import cn.hutool.json.JSONArray;
|
||||||
|
import cn.hutool.json.JSONObject;
|
||||||
|
import cn.hutool.json.JSONUtil;
|
||||||
|
import com.alibaba.fastjson2.JSON;
|
||||||
import com.bonus.sgzb.common.security.auth.AuthUtil;
|
import com.bonus.sgzb.common.security.auth.AuthUtil;
|
||||||
import com.bonus.sgzb.common.security.annotation.RequiresRoles;
|
import com.bonus.sgzb.common.security.annotation.RequiresRoles;
|
||||||
import org.aspectj.lang.ProceedingJoinPoint;
|
import org.aspectj.lang.ProceedingJoinPoint;
|
||||||
|
|
@ -54,9 +59,25 @@ public class PreAuthorizeAspect
|
||||||
@Around("pointcut()")
|
@Around("pointcut()")
|
||||||
public Object around(ProceedingJoinPoint joinPoint) throws Throwable
|
public Object around(ProceedingJoinPoint joinPoint) throws Throwable
|
||||||
{
|
{
|
||||||
|
//获取请求参数
|
||||||
|
boolean needPermission = true;
|
||||||
|
Object[] args = joinPoint.getArgs();
|
||||||
|
String argStr = JSON.toJSONString(args);
|
||||||
|
JSONArray jsonArray = JSONUtil.parseArray(argStr);
|
||||||
|
for (int i = 0; i < jsonArray.size(); i++) {
|
||||||
|
Object obj = jsonArray.getObj(i);
|
||||||
|
if (Objects.nonNull(obj) && obj instanceof JSONObject) {
|
||||||
|
JSONObject jsonObject = (JSONObject) obj;
|
||||||
|
if ("1".equals(jsonObject.getStr("skipPermission"))) {
|
||||||
|
needPermission = false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// 注解鉴权
|
// 注解鉴权
|
||||||
MethodSignature signature = (MethodSignature) joinPoint.getSignature();
|
MethodSignature signature = (MethodSignature) joinPoint.getSignature();
|
||||||
checkMethodAnnotation(signature.getMethod());
|
checkMethodAnnotation(signature.getMethod(), needPermission);
|
||||||
|
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
// 执行原有逻辑
|
// 执行原有逻辑
|
||||||
|
|
@ -72,7 +93,7 @@ public class PreAuthorizeAspect
|
||||||
/**
|
/**
|
||||||
* 对一个Method对象进行注解检查
|
* 对一个Method对象进行注解检查
|
||||||
*/
|
*/
|
||||||
public void checkMethodAnnotation(Method method)
|
public void checkMethodAnnotation(Method method, boolean needPermission)
|
||||||
{
|
{
|
||||||
// 校验 @RequiresLogin 注解
|
// 校验 @RequiresLogin 注解
|
||||||
RequiresLogin requiresLogin = method.getAnnotation(RequiresLogin.class);
|
RequiresLogin requiresLogin = method.getAnnotation(RequiresLogin.class);
|
||||||
|
|
@ -89,10 +110,11 @@ public class PreAuthorizeAspect
|
||||||
}
|
}
|
||||||
|
|
||||||
// 校验 @RequiresPermissions 注解
|
// 校验 @RequiresPermissions 注解
|
||||||
RequiresPermissions requiresPermissions = method.getAnnotation(RequiresPermissions.class);
|
if (needPermission) {
|
||||||
if (requiresPermissions != null)
|
RequiresPermissions requiresPermissions = method.getAnnotation(RequiresPermissions.class);
|
||||||
{
|
if (requiresPermissions != null) {
|
||||||
AuthUtil.checkPermi(requiresPermissions);
|
AuthUtil.checkPermi(requiresPermissions);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -5,6 +5,7 @@ import com.bonus.sgzb.common.core.web.domain.AjaxResult;
|
||||||
import com.bonus.sgzb.common.core.web.page.TableDataInfo;
|
import com.bonus.sgzb.common.core.web.page.TableDataInfo;
|
||||||
import com.bonus.sgzb.common.security.annotation.InnerAuth;
|
import com.bonus.sgzb.common.security.annotation.InnerAuth;
|
||||||
import com.bonus.sgzb.base.api.domain.BmStorageLog;
|
import com.bonus.sgzb.base.api.domain.BmStorageLog;
|
||||||
|
import com.bonus.sgzb.common.security.annotation.RequiresPermissions;
|
||||||
import com.bonus.sgzb.system.service.impl.BmStorageLogService;
|
import com.bonus.sgzb.system.service.impl.BmStorageLogService;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.web.bind.annotation.*;
|
import org.springframework.web.bind.annotation.*;
|
||||||
|
|
@ -26,6 +27,7 @@ public class BmStorageLogController extends BaseController {
|
||||||
@Autowired
|
@Autowired
|
||||||
private BmStorageLogService bmStorageLogService;
|
private BmStorageLogService bmStorageLogService;
|
||||||
|
|
||||||
|
@RequiresPermissions("stock:log:list")
|
||||||
@GetMapping("/list")
|
@GetMapping("/list")
|
||||||
public TableDataInfo list(BmStorageLog record) {
|
public TableDataInfo list(BmStorageLog record) {
|
||||||
startPage();
|
startPage();
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue