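/**
 * Interceptor for handler methods annotated with {@link RequiresPermissions}.
 *
 * <p>Before the handler runs, it resolves the target id(s) named by the annotation's
 * {@code key()} and passes each one to {@code checkUserPermission}. Ids come from a method
 * parameter with the same name, or from the JSON request body when the handler has a
 * {@code @RequestBody} parameter.
 *
 * <p>{@code getLogin()} and {@code checkUserPermission(...)} are placeholders in this listing:
 * the first always returns {@code null} (so every request is rejected) and the second always
 * returns {@code true}. Both must be implemented before this class enforces anything.
 *
 * @author dongguabai
 * @date 2024-06-25 10:58
 */
@Component
public class RequiresPermissionsHandlerMethodInterceptor extends CustomizedHandlerMethodInterceptor<RequiresPermissions> {

    private static final Logger LOGGER = LoggerFactory.getLogger(RequiresPermissionsHandlerMethodInterceptor.class);

    /** Shared mapper: ObjectMapper is thread-safe once configured, so it is not rebuilt per request. */
    private static final ObjectMapper OBJECT_MAPPER = new ObjectMapper();

    /** Returned when no target id could be resolved. */
    private static final long[] NO_IDS = new long[0];

    /**
     * Decides whether the annotated handler may run.
     *
     * @param request       current request; the target id is read from it
     * @param response      current response, handed to the permission check
     * @param handlerMethod handler about to be invoked
     * @param annotation    the {@link RequiresPermissions} found on the handler
     * @return {@code false} when there is no logged-in user or a permission check fails,
     *         {@code true} otherwise
     * @throws Exception if the request body cannot be parsed, or a matching request parameter
     *                   is missing or not a number ({@link NumberFormatException})
     */
    @Override
    protected boolean preHandle(HttpServletRequest request, HttpServletResponse response,
                                HandlerMethod handlerMethod, RequiresPermissions annotation) throws Exception {
        // Resolve the currently logged-in user.
        BaseUser user = getLogin();
        if (user == null) {
            // NOTE(review): no status code is written here; presumably the base class or the
            // caller turns `false` into an error response. Confirm.
            LOGGER.error("Unable to get login information");
            return false;
        }
        String key = annotation.key();
        String[] value = annotation.value();
        if (StringUtils.isBlank(key) || ArrayUtils.isEmpty(value)) {
            // NOTE(review): an annotation with a blank key or no values lets the request through
            // unchecked. A misconfigured annotation therefore fails open.
            return true;
        }
        // Resolve the target id(s) and authorize the user against every one of them.
        long[] ids = getIds(request, handlerMethod, key);
        if (ids.length == 0) {
            // NOTE(review): fail-open. A client that omits the key from the body reaches the
            // handler without any permission check. Prefer returning false here unless handlers
            // are known to treat a missing id safely.
            LOGGER.warn("No target id resolved for permission key '{}'; request allowed without a permission check", key);
            return true;
        }
        for (long id : ids) {
            if (!checkUserPermission(response, user, value, id)) {
                return false;
            }
        }
        return true;
    }

    /**
     * Walks the handler's parameters and returns the ids from the first one that yields any.
     *
     * @return the resolved ids, or an empty array when none were found
     */
    private long[] getIds(HttpServletRequest request, HandlerMethod handlerMethod, String key) throws IOException {
        // NOTE(review): this wrapper is local to the interceptor. If building it or calling
        // getCachedBody() consumes the request stream, the handler's @RequestBody binding will
        // see an empty body unless a filter already installed a caching request. Confirm.
        CachingWrapper requestWrapper = new CachingWrapper(request);
        for (MethodParameter methodParameter : handlerMethod.getMethodParameters()) {
            long[] ids = getIdsFromParameter(request, key, methodParameter, requestWrapper);
            if (ids.length > 0) {
                return ids;
            }
        }
        return NO_IDS;
    }

    /**
     * Resolves ids from a single handler parameter: a parameter named {@code key} is read from
     * the request parameters, and a {@code @RequestBody} parameter is read from the JSON body.
     */
    private long[] getIdsFromParameter(HttpServletRequest request, String key,
                                       MethodParameter methodParameter, CachingWrapper requestWrapper) throws IOException {
        String parameterName = methodParameter.getParameterName();
        if (key.equals(parameterName)) {
            // A missing or non-numeric value throws NumberFormatException, which propagates out
            // of preHandle rather than being treated as "no id".
            return new long[] {Long.parseLong(request.getParameter(parameterName))};
        }
        if (methodParameter.getParameterAnnotation(RequestBody.class) != null) {
            return getIdsFromBody(key, requestWrapper);
        }
        return NO_IDS;
    }

    /**
     * Extracts the {@code key} field from the JSON body.
     *
     * <p>For an array body, every element that carries the field contributes an id. Checking
     * only the first element would leave the remaining items of a batch request unauthorized.
     */
    private long[] getIdsFromBody(String key, CachingWrapper requestWrapper) throws IOException {
        JsonNode rootNode = OBJECT_MAPPER.readTree(requestWrapper.getCachedBody());
        // NOTE(review): asLong() coerces null and non-numeric values to 0, so the id that is
        // checked here can differ from the one the handler later binds. Consider rejecting
        // values that are not integral.
        if (!rootNode.isArray()) {
            JsonNode idNode = rootNode.path(key);
            return idNode.isMissingNode() ? NO_IDS : new long[] {idNode.asLong()};
        }
        long[] found = new long[rootNode.size()];
        int count = 0;
        for (JsonNode element : rootNode) {
            JsonNode idNode = element.path(key);
            if (!idNode.isMissingNode()) {
                found[count++] = idNode.asLong();
            }
        }
        if (count == found.length) {
            return found;
        }
        long[] trimmed = new long[count];
        System.arraycopy(found, 0, trimmed, 0, count);
        return trimmed;
    }

    /**
     * Business authorization check for one target id.
     *
     * <p>Placeholder: always returns {@code true}, so no request is rejected here until the
     * real check is implemented.
     */
    private boolean checkUserPermission(HttpServletResponse response, BaseUser user, String[] value, Long id) {
        // Business authorization logic goes here.
        return true;
    }

    @Override
    protected void afterCompletion(HttpServletRequest request, HttpServletResponse response,
                                   HandlerMethod handlerMethod, RequiresPermissions annotation, Exception ex) {
        // Do nothing
    }

    @Override
    protected void postHandle(HttpServletRequest request, HttpServletResponse response,
                              HandlerMethod handlerMethod, ModelAndView modelAndView, RequiresPermissions annotation) {
        // Do nothing
    }

    /**
     * Returns the currently logged-in user.
     *
     * <p>Placeholder: always returns {@code null}, which makes {@code preHandle} reject every
     * request until a real lookup is implemented.
     */
    private BaseUser getLogin() {
        return null;
    }
}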