| package com.yzyx.repomanage.aop;
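/**
 * Enforces method-level permissions on every public controller method.
 *
 * <p>Order of checks, per request: the required permission is resolved via
 * {@code ParsePermission.parse}; an empty requirement passes; otherwise the JWT from the
 * {@code JwtTokenUtil.AUTH_HEADER_KEY} header is parsed, and the subject's authorities
 * (user → roles → authorities) must contain the required name. Any failure along the way
 * denies the call (fail closed) and writes a JSON error body instead of proceeding.
 */
@Aspect
@Component
@Slf4j
public class PermissionAspect {

    // ObjectMapper is thread-safe once configured; one shared instance avoids building a new
    // mapper for every denied request.
    private static final ObjectMapper OBJECT_MAPPER = new ObjectMapper();

    @Resource
    private RoleUserService roleUserService;
    @Resource
    private RoleAuthorityService roleAuthorityService;
    @Resource
    private AuthorityService authorityService;

    /**
     * Pointcut covering all public methods of the controller package.
     *
     * <p>The body of a {@code @Pointcut} method is never executed by Spring AOP, so the logging
     * statement that used to live here was dead code; the method is intentionally empty.
     */
    @Pointcut("execution(public * com.yzyx.repomanage.controller.*.*(..))")
    public void aspectTarget() {
    }

    /**
     * Runs the permission check around a controller invocation.
     *
     * @param joinPoint the intercepted controller call
     * @return the controller's return value when permitted, or {@code null} after a denial body
     *         has been written to the response
     * @throws IllegalStateException if no servlet request is bound to the current thread
     * @throws Throwable whatever the controller method or the permission resolution throws
     */
    @Around("aspectTarget()")
    public Object executeAround(ProceedingJoinPoint joinPoint) throws Throwable {
        ServletRequestAttributes requestAttributes =
                (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
        if (requestAttributes == null) {
            // Not inside a servlet request (e.g. a non-web invocation): fail closed with an
            // explicit error rather than the NullPointerException the unguarded cast produced.
            throw new IllegalStateException(
                    "No servlet request bound to the current thread; permission check cannot run");
        }
        HttpServletRequest request = requestAttributes.getRequest();
        HttpServletResponse response = requestAttributes.getResponse();

        if (hasPermission(joinPoint, request)) {
            return joinPoint.proceed();
        }

        // Denied: write the error body directly and skip the controller. The HTTP status is left
        // untouched on purpose (original behaviour); clients detect denial from the Result body.
        response.setContentType("application/json; charset=UTF-8");
        Result result = Result.UserError().appendInfo("权限不足");
        // writeValueAsBytes always encodes as UTF-8, matching the declared charset above.
        OutputStream outputStream = response.getOutputStream();
        outputStream.write(OBJECT_MAPPER.writeValueAsBytes(result));
        outputStream.flush();
        return null;
    }

    /**
     * Decides whether the current request may invoke the intercepted method.
     *
     * @param joinPoint the intercepted call, used to resolve the required permission
     * @param request   the current request; the JWT is read from {@code JwtTokenUtil.AUTH_HEADER_KEY}
     * @return {@code true} if no permission is required, or the token is valid and its subject
     *         holds the required authority; {@code false} for a missing, invalid or
     *         subject-less token
     * @throws Exception propagated from {@code ParsePermission.parse}
     */
    private boolean hasPermission(JoinPoint joinPoint, HttpServletRequest request) throws Exception {
        Class<?> targetClass = joinPoint.getTarget().getClass();
        String methodName = joinPoint.getSignature().getName();
        String required = ParsePermission.parse(targetClass, methodName, joinPoint);
        log.info("[Required permission] {}", required);

        // An empty requirement means the endpoint is open.
        // NOTE(review): a null return from ParsePermission.parse is not handled here and would throw
        // (fail closed) — confirm whether parse can return null.
        if (required.isEmpty()) {
            return true;
        }

        String token = request.getHeader(JwtTokenUtil.AUTH_HEADER_KEY);
        if (token == null) {
            return false;
        }
        // Record only that a credential was supplied; the token itself is a bearer credential and
        // must never be written to the log.
        log.debug("[Auth header present] {}", JwtTokenUtil.AUTH_HEADER_KEY);

        Claims claims;
        try {
            claims = JwtTokenUtil.parseJWT(token);
        } catch (UserException e) {
            // Invalid or expired token: deny. The original fell through to claims.getSubject()
            // on a null Claims and failed with a NullPointerException instead of a clean denial.
            log.warn("[Token rejected] {}", e.getMessage());
            return false;
        }

        String username = claims.getSubject();
        if (username == null || username.isEmpty()) {
            // A token without a subject cannot be mapped to a user; deny rather than querying
            // roles for null.
            return false;
        }
        return checkDatabase(required, username);
    }

    /**
     * Checks whether {@code username} holds an authority named {@code value}.
     *
     * <p>Resolution is user → roles → role authorities → authorities, each step delegated to the
     * injected services.
     *
     * @param value    the required authority name
     * @param username the JWT subject
     * @return {@code true} if any resolved authority's name equals {@code value}
     */
    private boolean checkDatabase(String value, String username) {
        List<RoleUser> roleUsers = roleUserService.getRoleUsers(username);
        List<RoleAuthority> roleAuthorities = roleAuthorityService.getRoleAuthorities(roleUsers);
        List<Authority> authorities = authorityService.getAuthorities(roleAuthorities);
        // value.equals(name) rather than name.equals(value): an Authority with a null name then
        // simply fails to match instead of throwing.
        return authorities.stream().anyMatch(authority -> value.equals(authority.getName()));
    }

    /**
     * Logs the value returned by the controller method.
     *
     * @param response the controller's return value (may be {@code null})
     */
    @AfterReturning(returning = "response", pointcut = "aspectTarget()")
    public void doAfterReturning(Object response) {
        // Parameterized logging defers toString() until the message is actually emitted.
        // NOTE(review): this logs the entire controller return value; confirm it never carries
        // secrets or personal data at INFO level.
        log.info("[Response] {}", response);
    }
}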