From aaceef018d7b997a170d0c9cdee2fee1c1bab1e4 Mon Sep 17 00:00:00 2001
From: nidapeng <jp@doumee.com>
Date: 星期二, 30 四月 2024 14:29:21 +0800
Subject: [PATCH] 最新版本

---
 server/system_service/src/main/java/com/doumee/config/cloudfilter/LoginHandlerInterceptor.java |   29 +++++++++++++++++++++++++++--
 1 files changed, 27 insertions(+), 2 deletions(-)

diff --git a/server/system_service/src/main/java/com/doumee/config/cloudfilter/LoginHandlerInterceptor.java b/server/system_service/src/main/java/com/doumee/config/cloudfilter/LoginHandlerInterceptor.java
index 9042b1f..8fb8aee 100644
--- a/server/system_service/src/main/java/com/doumee/config/cloudfilter/LoginHandlerInterceptor.java
+++ b/server/system_service/src/main/java/com/doumee/config/cloudfilter/LoginHandlerInterceptor.java
@@ -7,6 +7,8 @@
 import com.doumee.core.model.LoginUserInfo;
 import com.doumee.core.utils.Constants;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.authz.UnauthorizedException;
+import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.web.method.HandlerMethod;
 import org.springframework.web.servlet.HandlerInterceptor;
@@ -32,7 +34,28 @@
             //鑾峰彇token
             String token = request.getHeader(Constants.HEADER_USER_TOKEN);  // 浠� http 璇锋眰澶翠腑鍙栧嚭 token
             if (StringUtils.isNotBlank(token)) {
-                checkLogin(request,response);
+              LoginUserInfo user =   checkLogin(request,response);
+                if (!handlerMethod.hasMethodAnnotation(RequiresPermissions.class)) {
+                    RequiresPermissions p = handlerMethod.getMethodAnnotation(RequiresPermissions.class);
+                    if(p.value()!=null && p.value().length>0){
+                        boolean hasPermission = false;
+                        for(String s :p.value()){
+                            if(user.getPermissions()!=null){
+                                for(String t :user.getPermissions()){
+                                    if(StringUtils.equals(t,s)){
+                                        hasPermission = true;
+                                        break;
+                                    }
+                                }
+                            }
+                        }
+                        if(!hasPermission) {
+                            //娌℃湁鎿嶄綔鏉冮檺
+                            throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"娌℃湁璇ユ搷浣滄潈闄�");
+                        }
+                    }
+
+                }
             } else {
                 throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"鏈櫥褰�");
             }
@@ -40,7 +63,7 @@
         return true;
     }
 
-    private void checkLogin(HttpServletRequest request, HttpServletResponse response) {
+    private LoginUserInfo checkLogin(HttpServletRequest request, HttpServletResponse response) {
         String token = request.getHeader(Constants.HEADER_USER_TOKEN);
         if (token == null || token.isEmpty()) {
             throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"鏈櫥褰�");
@@ -53,6 +76,8 @@
         if(user ==null ){
             throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"鐢ㄦ埛鐧婚檰宸插け鏁堬紝璇烽噸鏂扮櫥闄嗭紒");
         }
+        //鏉冮檺鍒ゆ柇------------
+        return  user;
     }
 
     //    @Override

--
Gitblit v1.9.3