package com.weichat.permissions;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.weichat.mapper.PmmMapper;
import org.apache.log4j.Logger;
import org.apache.shiro.authc.AuthenticationException;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.annotation.Pointcut;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.Enumeration;
/**
* Created by Administrator on 2018/5/28 0028.
*/
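/**
 * AOP guard that runs before every public controller method under
 * {@code com.weichat.controller} and rejects requests whose {@code openid}
 * is not accepted by {@link PmmMapper#selectUserInfo}.
 *
 * <p>Decision order for a request:
 * <ol>
 *   <li>non-POST requests are rejected;</li>
 *   <li>paths in {@code EXCLUDE_PATHS} pass without any check;</li>
 *   <li>paths in {@code SPECIAL_PATHS} take {@code openid} from the request parameters;</li>
 *   <li>every other path takes {@code openid} from each non-servlet controller argument.</li>
 * </ol>
 *
 * <p>NOTE(review): {@code openid} is supplied by the caller. This aspect only checks that
 * the value is accepted by {@code selectUserInfo} (presumably a lookup of a known user;
 * confirm against the mapper). It does not prove that the caller owns that openid, so it
 * should not be the only control on sensitive operations. Binding requests to a
 * server-issued session or token would be needed for that.
 */
@Aspect
@Component
public class Permissionsfiltering {
    private static final Logger logger = Logger.getLogger(Permissionsfiltering.class);

    // Paths that bypass the openid check entirely. Matching is exact on the servlet path,
    // so any variant of these paths falls through to the strict branch (fails closed).
    private static final String[] EXCLUDE_PATHS =
            new String[]{"/wxLoginUserNumber", "/wxLogin", "/errorCatch"};

    // Paths whose openid arrives as a request parameter rather than inside a bound argument.
    private static final String[] SPECIAL_PATHS = new String[]{"/getPhotoUrl"};

    @Autowired
    private PmmMapper pmmMapper;

    /** Pointcut matching every public method in the controller package and its sub-packages. */
    @Pointcut("execution(public * com.weichat.controller..*.*(..))")
    public void permissions() {
    }

    /**
     * Enforces the openid check before the matched controller method runs.
     *
     * @param joinPoint the intercepted controller invocation; its arguments are inspected
     *                  for an {@code openid} property on the default branch
     * @throws AuthenticationException if the request is not a POST, has no usable
     *                                 {@code openid}, or the openid is not accepted
     * @throws Throwable               anything raised while serialising the arguments or
     *                                 querying the mapper
     */
    @Before("permissions()")
    public void doBefore(JoinPoint joinPoint) throws Throwable {
        ServletRequestAttributes attributes =
                (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
        // getRequestAttributes() returns null when no request is bound to the thread.
        // Deny explicitly instead of failing with a NullPointerException.
        if (attributes == null) {
            throw new AuthenticationException("权限不通过,无法获取请求上下文");
        }
        HttpServletRequest request = attributes.getRequest();

        // Only POST requests are accepted; every other method is rejected.
        if (!"POST".equals(request.getMethod())) {
            throw new AuthenticationException("权限不通过,非POST请求");
        }

        // Record the request URL.
        logger.info("请求URL : " + request.getRequestURL());
        String path = request.getServletPath();

        if (excludePath(path)) {
            logger.info("登录或错误记录接口");
            return;
        }

        if (specialPath(path)) {
            requireKnownUser(request.getParameter("openid"), "权限异常,用户权限不通过");
            return;
        }

        // Default branch: read openid from the controller's own arguments and ignore the
        // framework-supplied HttpServletRequest / HttpServletResponse.
        Object[] args = joinPoint.getArgs();
        if (args.length == 0) {
            throw new AuthenticationException("权限不通过,请求参数问题");
        }

        boolean checked = false;
        for (Object arg : args) {
            if (arg instanceof HttpServletRequest || arg instanceof HttpServletResponse) {
                continue;
            }
            // A non-object argument (e.g. a plain String) makes parseObject throw; that
            // exception propagates and the request is still denied.
            JSONObject body = JSONObject.parseObject(JSON.toJSONString(arg));
            // NOTE(review): this writes the whole request body, including openid, to the
            // INFO log. Consider masking or lowering the level if logs are widely readable.
            logger.info("请求参数:" + body);
            Object openid = (body == null) ? null : body.get("openid");
            // A missing openid is a denial, not a NullPointerException.
            requireKnownUser(openid == null ? null : openid.toString(), "权限不通过");
            checked = true;
        }

        // Fail closed: if every argument was a servlet request/response, nothing has been
        // verified, so the call must not be allowed through.
        if (!checked) {
            throw new AuthenticationException("权限不通过,请求参数问题");
        }
    }

    /**
     * Denies the request unless {@code openid} is non-empty and accepted by the mapper.
     *
     * @param openid        caller-supplied identifier; may be {@code null}
     * @param denialMessage message carried by the {@link AuthenticationException} on denial
     */
    private void requireKnownUser(String openid, String denialMessage) {
        // Never send a null/empty identifier to the mapper: how the query treats a missing
        // value is not visible here, so reject it up front.
        if (openid == null || openid.isEmpty()) {
            throw new AuthenticationException(denialMessage);
        }
        String userIsExist = pmmMapper.selectUserInfo(openid);
        if (userIsExist == null || userIsExist.length() == 0) {
            throw new AuthenticationException(denialMessage);
        }
        logger.info("权限通过");
    }

    /** Returns true when {@code path} exactly equals one of the unchecked paths. */
    private boolean excludePath(String path) {
        for (String candidate : EXCLUDE_PATHS) {
            if (candidate.equals(path)) {
                return true;
            }
        }
        return false;
    }

    /** Returns true when {@code path} exactly equals one of the request-parameter paths. */
    private boolean specialPath(String path) {
        for (String candidate : SPECIAL_PATHS) {
            if (candidate.equals(path)) {
                return true;
            }
        }
        return false;
    }
}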
pmm的AOP范例