PermissionDataAspect.java
5.9 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
package com.skua.config.aspect;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.skua.core.api.vo.SysUserCacheInfo;
import com.skua.core.aspect.annotation.PermissionData;
import com.skua.core.context.SpringContextUtils;
import com.skua.core.entity.SysPermissionDataRule;
import com.skua.core.util.ConvertUtils;
import com.skua.core.util.JeecgDataAutorUtils;
import com.skua.core.util.JwtUtil;
import com.skua.modules.system.entity.SysPermission;
import com.skua.modules.system.service.ISysPermissionDataRuleService;
import com.skua.modules.system.service.ISysPermissionService;
import com.skua.modules.system.service.ISysUserService;
import lombok.extern.slf4j.Slf4j;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Pointcut;
import org.aspectj.lang.reflect.MethodSignature;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.util.AntPathMatcher;
import org.springframework.util.PathMatcher;
import javax.servlet.http.HttpServletRequest;
import java.lang.reflect.Method;
import java.util.List;
/**
* 数据权限切面处理类
* 当被请求的方法有注解PermissionData时,会在往当前request中写入数据权限信息
*/
@Aspect
@Component
@Slf4j
public class PermissionDataAspect {
@Autowired
private ISysPermissionService sysPermissionService;
@Autowired
private ISysPermissionDataRuleService sysPermissionDataRuleService;
@Autowired
private ISysUserService sysUserService;
@Pointcut("@annotation(com.skua.core.aspect.annotation.PermissionData)")
public void pointCut() {
}
@Around("pointCut()")
public Object arround(ProceedingJoinPoint point) throws Throwable{
HttpServletRequest request = SpringContextUtils.getHttpServletRequest();
MethodSignature signature = (MethodSignature) point.getSignature();
Method method = signature.getMethod();
PermissionData pd = method.getAnnotation(PermissionData.class);
String component = pd.pageComponent();
SysPermission currentSyspermission=null;
if(ConvertUtils.isNotEmpty(component)) {
//1.通过注解属性pageComponent 获取菜单
LambdaQueryWrapper<SysPermission> query = new LambdaQueryWrapper<SysPermission>();
query.eq(SysPermission::getDelFlag,0);
query.eq(SysPermission::getComponent, component);
currentSyspermission = sysPermissionService.getOne(query);
}else {
String requestMethod = request.getMethod();
String requestPath = request.getRequestURI().substring(request.getContextPath().length());
requestPath = filterUrl(requestPath);
log.info("拦截请求>>"+requestPath+";请求类型>>"+requestMethod);
//1.直接通过前端请求地址查询菜单
LambdaQueryWrapper<SysPermission> query = new LambdaQueryWrapper<SysPermission>();
query.eq(SysPermission::getMenuType,2);
query.eq(SysPermission::getDelFlag,0);
query.eq(SysPermission::getUrl, requestPath);
currentSyspermission = sysPermissionService.getOne(query);
//2.未找到 再通过正则匹配获取菜单
if(currentSyspermission==null) {
String regUrl = getRegexpUrl(requestPath);
if(regUrl!=null) {
currentSyspermission = sysPermissionService.getOne(new LambdaQueryWrapper<SysPermission>().eq(SysPermission::getMenuType,2).eq(SysPermission::getUrl, regUrl).eq(SysPermission::getDelFlag,0));
}
}
}
//3.通过用户名+菜单ID 找到权限配置信息 放到request中去
if(currentSyspermission!=null) {
String username = JwtUtil.getUserNameByToken(request);
List<SysPermissionDataRule> dataRules = sysPermissionDataRuleService.queryPermissionDataRules(username, currentSyspermission.getId());
if(dataRules!=null && dataRules.size()>0) {
JeecgDataAutorUtils.installDataSearchConditon(request, dataRules);
//TODO 此处将用户信息查找出来放到request中实属无奈 可以优化
SysUserCacheInfo userinfo = sysUserService.getCacheUser(username);
JeecgDataAutorUtils.installUserInfo(request, userinfo);
}
}
return point.proceed();
}
private String filterUrl(String requestPath){
String url = "";
if(ConvertUtils.isNotEmpty(requestPath)){
url = requestPath.replace("\\", "/");
url = requestPath.replace("//", "/");
if(url.indexOf("//")>=0){
url = filterUrl(url);
}
/*if(url.startsWith("/")){
url=url.substring(1);
}*/
}
return url;
}
/**
* 获取请求地址
* @param request
* @return
*/
private String getJgAuthRequsetPath(HttpServletRequest request) {
String queryString = request.getQueryString();
String requestPath = request.getRequestURI();
if(ConvertUtils.isNotEmpty(queryString)){
requestPath += "?" + queryString;
}
if (requestPath.indexOf("&") > -1) {// 去掉其他参数(保留一个参数) 例如:loginController.do?login
requestPath = requestPath.substring(0, requestPath.indexOf("&"));
}
if(requestPath.indexOf("=")!=-1){
if(requestPath.indexOf(".do")!=-1){
requestPath = requestPath.substring(0,requestPath.indexOf(".do")+3);
}else{
requestPath = requestPath.substring(0,requestPath.indexOf("?"));
}
}
requestPath = requestPath.substring(request.getContextPath().length() + 1);// 去掉项目路径
return filterUrl(requestPath);
}
private boolean moHuContain(List<String> list,String key){
for(String str : list){
if(key.contains(str)){
return true;
}
}
return false;
}
/**
* 匹配前端传过来的地址 匹配成功返回正则地址
* AntPathMatcher匹配地址
*()* 匹配0个或多个字符
*()**匹配0个或多个目录
*/
private String getRegexpUrl(String url) {
List<String> list = sysPermissionService.queryPermissionUrlWithStar();
if(list!=null && list.size()>0) {
for (String p : list) {
PathMatcher matcher = new AntPathMatcher();
if(matcher.match(p, url)) {
return p;
}
}
}
return null;
}
}