自定义一注解
/**
 * Marker annotation: a handler carrying it may only run after a permission check.
 *
 * <p>The interceptor on this page looks for it on the handler method first and
 * then on the class that <em>declares</em> that method. Points to keep in mind
 * when relying on it for access control:
 * <ul>
 *   <li>A handler with no annotation on either the method or its declaring class
 *       is let through without any check, so protection is opt-in.</li>
 *   <li>{@code FIELD} is an allowed target, but nothing shown here reads the
 *       annotation from fields; placing it on a field protects nothing.</li>
 *   <li>{@code @Inherited} only applies to class-level use. Because the lookup
 *       goes through the declaring class, a handler method inherited from a base
 *       controller is judged by the base class's annotation, not the subclass's.</li>
 * </ul>
 */
@Inherited
@Retention(RetentionPolicy.RUNTIME) // must survive to runtime: the interceptor reads it reflectively
@Target({ElementType.METHOD, ElementType.TYPE, ElementType.FIELD})
public @interface RequiredPermission {
}
注解拦截器
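/**
 * Spring MVC interceptor that enforces {@link RequiredPermission}.
 *
 * <p>A request is allowed when the handler is not annotated, or when one of the
 * caller's permissions matches both the request path (Ant pattern) and the CRUD
 * type implied by the handler's mapping annotation. Everything else is answered
 * with a JSON "unauthorized" body and the handler is not invoked.
 */
@Slf4j
@Component("accessPermissionInterceptor")
public class AccessPermissionInterceptor implements HandlerInterceptor {

    /** Matches stored permission path patterns (Ant style) against the request path. */
    private final AntPathMatcher matcher = new AntPathMatcher();

    /**
     * Runs the permission check before the handler executes.
     *
     * @param request  current request
     * @param response current response; receives the JSON error body on denial
     * @param handler  handler chosen by Spring for this request
     * @return {@code true} to continue to the handler, {@code false} when access is denied
     * @throws Exception if writing the denial response fails
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        if (this.hasPermission(request, handler)) {
            return true;
        }
        // Record every denial so that repeated probing of protected endpoints shows up in the logs.
        log.warn("Permission denied: method={} uri={}", request.getMethod(), request.getRequestURI());

        response.setCharacterEncoding("UTF-8");
        response.setHeader("Content-Type", "application/json");
        // NOTE(review): sent without an Access-Control-Allow-Origin header here; presumably CORS is
        // configured elsewhere - confirm the two stay consistent.
        response.setHeader("Access-Control-Allow-Credentials", "true");
        response.setContentType("application/json;charset=UTF-8");
        // NOTE(review): no HTTP status is set, so the denial normally goes out as 200 and is only
        // visible in the body's "code". Proxies, WAFs and monitoring that key on 401/403 will not
        // see it; consider setting a status once clients are confirmed not to depend on 200.
        String s = "{\"code\":" + DefaultResultCode.UN_AUTHORIZATION.getCode() + ", \"message\":\"" + DefaultResultCode.UN_AUTHORIZATION.getMessage() + "\"}";
        // Encode explicitly: the response declares UTF-8, and the platform default charset may differ.
        response.getOutputStream().write(s.getBytes(java.nio.charset.StandardCharsets.UTF_8));
        return false;
    }

    /**
     * Decides whether the current request may reach the handler.
     *
     * @param request current request; its URI is matched against permission path patterns
     * @param handler handler chosen by Spring for this request
     * @return {@code true} if the handler is unprotected or a matching permission exists
     */
    private boolean hasPermission(HttpServletRequest request, Object handler) {
        if (!(handler instanceof HandlerMethod)) {
            // Anything that is not a controller method is outside the scope of this check and passes.
            return true;
        }
        HandlerMethod handlerMethod = (HandlerMethod) handler;

        // The method-level annotation wins; fall back to the class that declares the method.
        RequiredPermission requiredPermission = handlerMethod.getMethod().getAnnotation(RequiredPermission.class);
        if (requiredPermission == null) {
            Class<?> clazz = handlerMethod.getMethod().getDeclaringClass();
            requiredPermission = clazz.getAnnotation(RequiredPermission.class);
        }
        if (requiredPermission == null) {
            // Protection is opt-in: an unannotated handler is never checked.
            return true;
        }

        // Simulated permission data. The list is empty, so until the current user's real
        // permissions are loaded here every annotated handler is denied (fails closed).
        List<SysPermission> permissionList = new ArrayList<>();

        // step 1: request path.
        // NOTE(review): getRequestURI() is the raw path - not decoded or normalized, and it
        // includes the context path - so it can differ from the path Spring used to select the
        // handler. Authorizing on one form while routing on another is a classic source of
        // access-control gaps; confirm the stored patterns are written against this exact form,
        // or match against the handler's mapped pattern instead.
        String path = request.getRequestURI();
        log.debug("获取请求路径{}", path);

        // step 2 + 3: keep the permissions whose pattern covers the path, then collect their types.
        List<String> permissionTypeList = permissionList.stream()
                .filter(p -> matcher.match(p.getPermissionCompletePath(), path))
                .map(p -> p.getPermissionType())
                .collect(Collectors.toList());

        // The CRUD type is derived from the mapping annotation on the handler method. Only the
        // four annotations listed in PermissionTypeEnums are recognized; a handler mapped in any
        // other way matches none of them and is denied below.
        for (PermissionTypeEnums permissionType : PermissionTypeEnums.values()) {
            boolean mappedWithType = handlerMethod.getMethod().getAnnotation(permissionType.getAClass()) != null;
            if (mappedWithType && permissionTypeList.contains(permissionType.name())) {
                return true;
            }
        }
        // No permission matched: the request must not pass.
        return false;
    }

    /** No post-processing is needed; kept as an explicit no-op. */
    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
    }

    /** No completion work is needed; kept as an explicit no-op. */
    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
    }
}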
自定义一枚举
/**
 * CRUD permission types, each tied to the Spring mapping annotation that implies it.
 *
 * <p>The interceptor on this page compares the constant's {@code name()} ("C", "R",
 * "U", "D") with the permission type stored on a permission record, and detects the
 * type of a handler by looking for the paired annotation directly on the handler
 * method. A handler mapped with any annotation not listed here matches no constant,
 * so it cannot be granted through this enum.
 */
@Getter
@AllArgsConstructor
@YuntsoftEnumsService(value = "PermissionType", name = "权限")
public enum PermissionTypeEnums implements YuntsoftEnums {

    /** Create: handlers mapped with {@code @PostMapping}. */
    C(PostMapping.class, "保存"),

    /** Read: handlers mapped with {@code @GetMapping}. */
    R(GetMapping.class, "查询"),

    /** Update: handlers mapped with {@code @PutMapping}. */
    U(PutMapping.class, "更改"),

    /** Delete: handlers mapped with {@code @DeleteMapping}. */
    D(DeleteMapping.class, "删除");

    // Mapping annotation whose presence on a handler method marks it as this type.
    private Class<? extends Annotation> aClass;

    // Human-readable description of the operation.
    private String desc;

    /**
     * Returns the code of this constant.
     *
     * @return the mapping annotation class paired with this permission type
     */
    @Override
    public Object getCode() {
        return aClass;
    }
}
比较抽象的部分(细品)
// Excerpt of the interceptor's hasPermission loop: four CRUD operation types are supported.
// For each type, access is granted only when BOTH conditions hold:
//   1. the handler method itself carries the mapping annotation paired with that type, and
//   2. permissionTypeList (the types of the permissions that matched the request path)
//      contains the type's name.
// Falling out of the loop without a match leads to the deny path in the full listing.
for (PermissionTypeEnums permissionTypeEnmus : PermissionTypeEnums.values()) {
// Looked up on the method only, so a handler mapped in a way not listed in the enum never matches.
if (!ObjectUtils.isEmpty(handlerMethod.getMethod().getAnnotation(permissionTypeEnmus.getAClass()))) {
// Compared by enum constant name, so stored permission types must use exactly these names.
if (permissionTypeList.contains(permissionTypeEnmus.name())) {
return true;
}
}
}