bonus
/
gzdevicemgt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

菜单鉴权,网页下拉不鉴权

This commit is contained in:
sxu 2024-09-29 14:10:55 +08:00
parent ee0107384e
commit f138b59f2d
2 changed files with 33 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
sgzb-common/sgzb-common-security/pom.xml
View File

@ -33,6 +33,12 @@
<groupId>com.bonus.sgzb</groupId> <groupId>com.bonus.sgzb</groupId>
<artifactId>sgzb-common-redis</artifactId> <artifactId>sgzb-common-redis</artifactId>
</dependency> </dependency>
<dependency>
<groupId>cn.hutool</groupId>
<artifactId>hutool-all</artifactId>
<version>5.8.23</version>
<scope>compile</scope>
</dependency>
</dependencies> </dependencies>

30
sgzb-common/sgzb-common-security/src/main/java/com/bonus/sgzb/common/security/aspect/PreAuthorizeAspect.java
View File

@ -1,7 +1,11 @@
package com.bonus.sgzb.common.security.aspect; package com.bonus.sgzb.common.security.aspect;
import java.lang.reflect.Method; import java.lang.reflect.Method;
import java.util.Objects;
import com.alibaba.fastjson2.JSON;
import cn.hutool.json.JSONArray;
import cn.hutool.json.JSONObject;
import cn.hutool.json.JSONUtil;
import com.bonus.sgzb.common.security.auth.AuthUtil; import com.bonus.sgzb.common.security.auth.AuthUtil;
import com.bonus.sgzb.common.security.annotation.RequiresRoles; import com.bonus.sgzb.common.security.annotation.RequiresRoles;
import org.aspectj.lang.ProceedingJoinPoint; import org.aspectj.lang.ProceedingJoinPoint;
@ -54,9 +58,24 @@ public class PreAuthorizeAspect
@Around("pointcut()") @Around("pointcut()")
public Object around(ProceedingJoinPoint joinPoint) throws Throwable public Object around(ProceedingJoinPoint joinPoint) throws Throwable
{ {
//获取请求参数
boolean needPermission = true;
Object[] args = joinPoint.getArgs();
String argStr = JSON.toJSONString(args);
JSONArray jsonArray = JSONUtil.parseArray(argStr);
for (int i = 0; i < jsonArray.size(); i++) {
Object obj = jsonArray.getObj(i);
if (Objects.nonNull(obj) && obj instanceof JSONObject) {
JSONObject jsonObject = (JSONObject) obj;
if ("1".equals(jsonObject.getStr("skipPermission"))) {
needPermission = false;
}
}
}
// 注解鉴权 // 注解鉴权
MethodSignature signature = (MethodSignature) joinPoint.getSignature(); MethodSignature signature = (MethodSignature) joinPoint.getSignature();
checkMethodAnnotation(signature.getMethod()); checkMethodAnnotation(signature.getMethod(), needPermission);
try try
{ {
// 执行原有逻辑 // 执行原有逻辑
@ -72,7 +91,7 @@ public class PreAuthorizeAspect
/** /**
* 对一个Method对象进行注解检查 * 对一个Method对象进行注解检查
*/ */
public void checkMethodAnnotation(Method method) public void checkMethodAnnotation(Method method, boolean needPermission)
{ {
// 校验 @RequiresLogin 注解 // 校验 @RequiresLogin 注解
RequiresLogin requiresLogin = method.getAnnotation(RequiresLogin.class); RequiresLogin requiresLogin = method.getAnnotation(RequiresLogin.class);
@ -89,10 +108,11 @@ public class PreAuthorizeAspect
} }
// 校验 @RequiresPermissions 注解 // 校验 @RequiresPermissions 注解
if (needPermission) {
RequiresPermissions requiresPermissions = method.getAnnotation(RequiresPermissions.class); RequiresPermissions requiresPermissions = method.getAnnotation(RequiresPermissions.class);
if (requiresPermissions != null) if (requiresPermissions != null) {
{
AuthUtil.checkPermi(requiresPermissions); AuthUtil.checkPermi(requiresPermissions);
} }
} }
} }
}