From 89de1beb6fe245eb0c9f96e68cbe5cd46877e7d1 Mon Sep 17 00:00:00 2001
From: 疯狂的狮子li <15040126243@163.com>
Date: 星期三, 22 十二月 2021 10:19:57 +0800
Subject: [PATCH] update 优化web拦截器 使用原生接口处理 默认非生产环境开启
---
ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/PermissionService.java | 123 ++++++++++++++++++----------------------
1 files changed, 55 insertions(+), 68 deletions(-)
diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/PermissionService.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/PermissionService.java
index bdad7df..0e97b92 100644
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/PermissionService.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/PermissionService.java
@@ -1,53 +1,49 @@
package com.ruoyi.framework.web.service;
-import java.util.Set;
-import org.springframework.beans.factory.annotation.Autowired;
+import com.ruoyi.common.core.domain.model.LoginUser;
+import com.ruoyi.common.utils.SecurityUtils;
+import com.ruoyi.common.utils.StringUtils;
import org.springframework.stereotype.Service;
import org.springframework.util.CollectionUtils;
-import com.ruoyi.common.core.domain.entity.SysRole;
-import com.ruoyi.common.core.domain.model.LoginUser;
-import com.ruoyi.common.utils.ServletUtils;
-import com.ruoyi.common.utils.StringUtils;
+
+import java.util.Set;
/**
* RuoYi棣栧垱 鑷畾涔夋潈闄愬疄鐜帮紝ss鍙栬嚜SpringSecurity棣栧瓧姣�
- *
+ *
* @author ruoyi
*/
@Service("ss")
-public class PermissionService
-{
- /** 鎵�鏈夋潈闄愭爣璇� */
+public class PermissionService {
+ /**
+ * 鎵�鏈夋潈闄愭爣璇�
+ */
private static final String ALL_PERMISSION = "*:*:*";
- /** 绠$悊鍛樿鑹叉潈闄愭爣璇� */
+ /**
+ * 绠$悊鍛樿鑹叉潈闄愭爣璇�
+ */
private static final String SUPER_ADMIN = "admin";
private static final String ROLE_DELIMETER = ",";
private static final String PERMISSION_DELIMETER = ",";
- @Autowired
- private TokenService tokenService;
-
/**
* 楠岃瘉鐢ㄦ埛鏄惁鍏峰鏌愭潈闄�
- *
+ *
* @param permission 鏉冮檺瀛楃涓�
* @return 鐢ㄦ埛鏄惁鍏峰鏌愭潈闄�
*/
- public boolean hasPermi(String permission)
- {
- if (StringUtils.isEmpty(permission))
- {
+ public boolean hasPermi(String permission) {
+ if (StringUtils.isEmpty(permission)) {
return false;
}
- LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
- if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getPermissions()))
- {
+ LoginUser loginUser = SecurityUtils.getLoginUser();
+ if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getMenuPermissions())) {
return false;
}
- return hasPermissions(loginUser.getPermissions(), permission);
+ return hasPermissions(loginUser.getMenuPermissions(), permission);
}
/**
@@ -56,8 +52,7 @@
* @param permission 鏉冮檺瀛楃涓�
* @return 鐢ㄦ埛鏄惁涓嶅叿澶囨煇鏉冮檺
*/
- public boolean lacksPermi(String permission)
- {
+ public boolean lacksPermi(String permission) {
return hasPermi(permission) != true;
}
@@ -67,22 +62,17 @@
* @param permissions 浠� PERMISSION_NAMES_DELIMETER 涓哄垎闅旂鐨勬潈闄愬垪琛�
* @return 鐢ㄦ埛鏄惁鍏锋湁浠ヤ笅浠绘剰涓�涓潈闄�
*/
- public boolean hasAnyPermi(String permissions)
- {
- if (StringUtils.isEmpty(permissions))
- {
+ public boolean hasAnyPermi(String permissions) {
+ if (StringUtils.isEmpty(permissions)) {
return false;
}
- LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
- if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getPermissions()))
- {
+ LoginUser loginUser = SecurityUtils.getLoginUser();
+ if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getMenuPermissions())) {
return false;
}
- Set<String> authorities = loginUser.getPermissions();
- for (String permission : permissions.split(PERMISSION_DELIMETER))
- {
- if (permission != null && hasPermissions(authorities, permission))
- {
+ Set<String> authorities = loginUser.getMenuPermissions();
+ for (String permission : permissions.split(PERMISSION_DELIMETER)) {
+ if (permission != null && hasPermissions(authorities, permission)) {
return true;
}
}
@@ -91,26 +81,24 @@
/**
* 鍒ゆ柇鐢ㄦ埛鏄惁鎷ユ湁鏌愪釜瑙掕壊
- *
+ *
* @param role 瑙掕壊瀛楃涓�
* @return 鐢ㄦ埛鏄惁鍏峰鏌愯鑹�
*/
- public boolean hasRole(String role)
- {
- if (StringUtils.isEmpty(role))
- {
+ public boolean hasRole(String role) {
+ if (StringUtils.isEmpty(role)) {
return false;
}
- LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
- if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getUser().getRoles()))
- {
+ LoginUser loginUser = SecurityUtils.getLoginUser();
+ if (StringUtils.isNull(loginUser)) {
return false;
}
- for (SysRole sysRole : loginUser.getUser().getRoles())
- {
- String roleKey = sysRole.getRoleKey();
- if (SUPER_ADMIN.contains(roleKey) || roleKey.contains(StringUtils.trim(role)))
- {
+ Set<String> rolePermissions = loginUser.getRolePermissions();
+ if (CollectionUtils.isEmpty(rolePermissions)) {
+ return false;
+ }
+ for (String roleKey : rolePermissions) {
+ if (SUPER_ADMIN.equals(roleKey) || roleKey.equals(StringUtils.trim(role))) {
return true;
}
}
@@ -123,8 +111,7 @@
* @param role 瑙掕壊鍚嶇О
* @return 鐢ㄦ埛鏄惁涓嶅叿澶囨煇瑙掕壊
*/
- public boolean lacksRole(String role)
- {
+ public boolean lacksRole(String role) {
return hasRole(role) != true;
}
@@ -134,22 +121,23 @@
* @param roles 浠� ROLE_NAMES_DELIMETER 涓哄垎闅旂鐨勮鑹插垪琛�
* @return 鐢ㄦ埛鏄惁鍏锋湁浠ヤ笅浠绘剰涓�涓鑹�
*/
- public boolean hasAnyRoles(String roles)
- {
- if (StringUtils.isEmpty(roles))
- {
+ public boolean hasAnyRoles(String roles) {
+ if (StringUtils.isEmpty(roles)) {
return false;
}
- LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
- if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getUser().getRoles()))
- {
+ LoginUser loginUser = SecurityUtils.getLoginUser();
+ if (StringUtils.isNull(loginUser)) {
return false;
}
- for (String role : roles.split(ROLE_DELIMETER))
- {
- if (hasRole(role))
- {
- return true;
+ Set<String> rolePermissions = loginUser.getRolePermissions();
+ if (CollectionUtils.isEmpty(rolePermissions)) {
+ return false;
+ }
+ for (String role : roles.split(ROLE_DELIMETER)) {
+ for (String roleKey : rolePermissions) {
+ if (SUPER_ADMIN.equals(roleKey) || roleKey.equals(StringUtils.trim(role))) {
+ return true;
+ }
}
}
return false;
@@ -157,13 +145,12 @@
/**
* 鍒ゆ柇鏄惁鍖呭惈鏉冮檺
- *
+ *
* @param permissions 鏉冮檺鍒楄〃
- * @param permission 鏉冮檺瀛楃涓�
+ * @param permission 鏉冮檺瀛楃涓�
* @return 鐢ㄦ埛鏄惁鍏峰鏌愭潈闄�
*/
- private boolean hasPermissions(Set<String> permissions, String permission)
- {
+ private boolean hasPermissions(Set<String> permissions, String permission) {
return permissions.contains(ALL_PERMISSION) || permissions.contains(StringUtils.trim(permission));
}
}
--
Gitblit v1.9.3