Skip to content

张雷 / skboot-zhongye

转到一个项目
切换导航栏
切换导航栏固定状态
6256fe9c 康伟
选项

kangwei :mybaits拦截器添加权限注解校验方法 

          添加权限注解
1 个父辈 ed45deea
内嵌 并排
正在显示 3 个修改的文件 包含 55 行增加1 行删除
sk-base-common/src/main/java/com/skua/tool/annotation/Anonymous.java 0 → 100644
package com.skua.tool.annotation;
import java.lang.annotation.Documented;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
/**
* 匿名访问不鉴权注解
*
* @author 康伟
*/
@Target({ ElementType.METHOD, ElementType.TYPE })
@Retention(RetentionPolicy.RUNTIME)
@Documented
public @interface Anonymous
{
}
sk-module-biz/src/main/java/com/skua/modules/erp/mapper/PurchasePlanItemMapper.java
......@@ -2,6 +2,7 @@ package com.skua.modules.erp.mapper;
import java.util.List;
import com.skua.tool.annotation.Anonymous;
import org.apache.ibatis.annotations.Param;
import com.skua.modules.erp.entity.PurchasePlanItem;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
......@@ -24,5 +25,6 @@ public interface PurchasePlanItemMapper extends BaseMapper<PurchasePlanItem> {
* @param planId
* @return
*/
@Anonymous
public List<PurchasePlanItem> queryListByPlanId(@Param("planId") String planId);
}
......
sk-module-system/src/main/java/com/skua/config/mybatis/MybatisInterceptor.java
......@@ -16,6 +16,7 @@ import com.skua.core.context.BaseContextHandler;
import com.skua.core.context.SpringContextUtils;
import com.skua.core.util.ConvertUtils;
import com.skua.modules.system.service.impl.SysDepartServiceImpl;
import com.skua.tool.annotation.Anonymous;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.apache.ibatis.binding.MapperMethod.ParamMap;
......@@ -30,6 +31,7 @@ import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.stereotype.Component;
import java.lang.reflect.Field;
import java.lang.reflect.Method;
import java.util.*;
/**
......@@ -100,9 +102,15 @@ public class MybatisInterceptor implements Interceptor {
add("com.skua.modules.remotecontrol.mapper.SysMonitorLocationMapper.getAllData");
}};
@Override
public Object intercept(Invocation invocation) throws Throwable {
MappedStatement mappedStatement = (MappedStatement) invocation.getArgs()[0];
// 检查方法或类上是否有自定义注解:匿名访问注解
Anonymous anonymous = getAnnotationByAnonymous(mappedStatement);
String sqlId = mappedStatement.getId();
log.debug("------sqlId------" + sqlId);
SqlCommandType sqlCommandType = mappedStatement.getSqlCommandType();
......@@ -116,7 +124,10 @@ public class MybatisInterceptor implements Interceptor {
if ("1".equals(BaseContextHandler.get("userType"))) {
return invocation.proceed();
}
System.out.println("********************************sqlId*************************** : "+sqlId);
//匿名访问注解,不涉及权限
if(anonymous != null ){
return invocation.proceed();
}
//这些方法不涉及权限
if ("com.skua.modules.system.mapper.SysDepartMapper.getDepartTreeByJt".equalsIgnoreCase(sqlId)
|| "com.skua.modules.system.mapper.SysDepartMapper.getDepartTree".equalsIgnoreCase(sqlId)
......@@ -808,4 +819,26 @@ public class MybatisInterceptor implements Interceptor {
}
}
/***获取匿名注解:Anonymous */
public Anonymous getAnnotationByAnonymous(MappedStatement mappedStatement){
Anonymous annotation = null;
try {
String id = mappedStatement.getId();
String className = id.substring(0, id.lastIndexOf("."));
String methodName = id.substring(id.lastIndexOf(".") + 1);
final Method[] method = Class.forName(className).getMethods();
for (Method me : method) {
if (me.getName().equals(methodName) && me.isAnnotationPresent(Anonymous.class)) {
return me.getAnnotation(Anonymous.class);
}
}
} catch (Exception ex) {
log.error("", ex);
}
return annotation;
}
}
......
支持 Markdown 格式
你添加了 0 到此讨论。请谨慎行事。
Finish editing this message first!