java切面实现权限控制
package com.htsc.gtp.bss.permission;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
/**
 * Marks a method whose invocation must pass a data-permission check.
 *
 * <p>The annotation is retained at runtime and bound by {@code DataPermissionInterceptor}
 * through its {@code @annotation(dataPermission)} pointcut.
 */
@Retention(RetentionPolicy.RUNTIME)
@Target(ElementType.METHOD)
public @interface DataPermission {

    /** Business type handed to the permission check; empty by default. */
    String businessType() default "";

    /** Permission type handed to the permission check; empty by default. */
    String permissionType() default "";

    /**
     * Whether the check runs at all. When {@code false} the interceptor proceeds
     * straight to the target method, so treat it as an explicit opt-out that
     * deserves review wherever it is set.
     */
    boolean enabled() default true;
}
package com.htsc.gtp.bss.permission;
import com.github.benmanes.caffeine.cache.Cache;
import com.github.benmanes.caffeine.cache.Caffeine;
import com.htsc.boot.groovy.model.ThreadLocalContext;
import com.htsc.gtp.tmds.risk.dto.RcRuleConfigDto;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;
import org.springframework.web.client.RestClientException;
import javax.annotation.PostConstruct;
import java.util.concurrent.TimeUnit;
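/**
 * Aspect that gates every method annotated with {@link DataPermission}.
 *
 * <p>The caller's identity is read from {@link ThreadLocalContext}. The method arguments are
 * scanned for {@link RcRuleConfigDto} instances, and each one's unified account must be
 * permitted before the target method runs. The check fails closed: a missing identity, a call
 * without any {@link RcRuleConfigDto} argument, or an account that cannot be resolved all
 * result in a denial.
 *
 * <p>NOTE(review): the backing permission source is not part of this listing, so
 * {@link #lookupPermission} denies everything until it is wired to the real authority.
 */
@Aspect
@Component
public class DataPermissionInterceptor {

    private static final Logger LOGGER = LoggerFactory.getLogger(DataPermissionInterceptor.class);

    /** Joins cache-key parts; NUL is used so ordinary identifiers cannot forge a neighbouring key. */
    private static final String KEY_SEPARATOR = "\u0000";

    /**
     * Short-lived decision cache. Keys cover user, business type, permission type and account,
     * so a decision made for one scope is never reused for another.
     */
    private Cache<String, Boolean> permissionCache;

    /**
     * Builds the decision cache. Entries expire one minute after being written, which is also
     * the longest a revoked permission can keep being honoured from cache.
     */
    @PostConstruct
    public void init() {
        permissionCache = Caffeine.newBuilder().expireAfterWrite(1, TimeUnit.MINUTES).build();
    }

    /**
     * Around-advice for {@link DataPermission}-annotated methods.
     *
     * @param joinPoint the intercepted invocation
     * @param dataPermission the annotation instance found on the intercepted method
     * @return whatever the intercepted method returns
     * @throws RestClientException when the caller is not permitted
     * @throws Throwable anything thrown by the intercepted method
     */
    @Around("@annotation(dataPermission)")
    public Object checkPermission(ProceedingJoinPoint joinPoint, DataPermission dataPermission) throws Throwable {
        // Read the identity once so the value that is checked is the value that is logged.
        String loginEmpId = ThreadLocalContext.getLoginEmpId();
        LOGGER.info("DataPermissionInterceptor checkPermission start,user:{} ", loginEmpId);
        if (!dataPermission.enabled()) {
            // Explicit opt-out on the annotation: no check is performed.
            return joinPoint.proceed();
        }
        String businessType = dataPermission.businessType();
        String permissionType = dataPermission.permissionType();
        if (!checkPermission(joinPoint, loginEmpId, businessType, permissionType)) {
            // Denials are logged at WARN so they can be audited and alerted on.
            LOGGER.warn("DataPermissionInterceptor permission denied,user:{},businessType:{},permissionType:{}",
                    loginEmpId, businessType, permissionType);
            // Exception type kept for existing callers; a dedicated access-denied exception
            // would describe the failure more accurately than a REST client error.
            throw new RestClientException("暂无操作权限,请联系管理员");
        }
        LOGGER.info("DataPermissionInterceptor checkPermission end,user:{} ", loginEmpId);
        return joinPoint.proceed();
    }

    /**
     * Decides whether the caller may invoke the intercepted method with the given arguments.
     *
     * @param joinPoint the intercepted invocation, used only for its arguments
     * @param loginEmpId the caller's employee id; null or empty is denied
     * @param businessType business type taken from the annotation
     * @param permissionType permission type taken from the annotation
     * @return {@code true} only if at least one {@link RcRuleConfigDto} argument is present and
     *     every such argument's unified account is permitted
     */
    private boolean checkPermission(ProceedingJoinPoint joinPoint, String loginEmpId, String businessType, String permissionType) {
        if (loginEmpId == null || loginEmpId.isEmpty()) {
            // No authenticated identity: deny here instead of passing a null key to the cache,
            // which Caffeine rejects with a NullPointerException.
            return false;
        }
        boolean sawTarget = false;
        for (Object arg : joinPoint.getArgs()) {
            if (!(arg instanceof RcRuleConfigDto)) {
                continue;
            }
            sawTarget = true;
            String unifiedAcct = ((RcRuleConfigDto) arg).getUnifiedAcct();
            // Account identifiers go to the debug log, not to stdout.
            LOGGER.debug("Unified Acct from UserRequest: {}", unifiedAcct);
            if (!isPermitted(loginEmpId, businessType, permissionType, unifiedAcct)) {
                return false;
            }
        }
        // Fail closed when the call carries nothing that the check can be scoped to.
        return sawTarget;
    }

    /** Returns the cached decision for this exact scope, or looks it up and caches it. */
    private boolean isPermitted(String loginEmpId, String businessType, String permissionType, String unifiedAcct) {
        if (unifiedAcct == null) {
            // Without an account the decision cannot be scoped; deny and do not cache.
            return false;
        }
        String cacheKey = String.join(KEY_SEPARATOR, loginEmpId, businessType, permissionType, unifiedAcct);
        Boolean cached = permissionCache.getIfPresent(cacheKey);
        if (cached != null) {
            return cached;
        }
        boolean granted = lookupPermission(loginEmpId, businessType, permissionType, unifiedAcct);
        permissionCache.put(cacheKey, granted);
        return granted;
    }

    /**
     * Asks the permission authority for a decision. Placeholder: denies by default.
     *
     * <p>TODO: wire this to the real permission source, which this listing does not show.
     */
    private boolean lookupPermission(String loginEmpId, String businessType, String permissionType, String unifiedAcct) {
        return false;
    }
}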