Skip to content
项目
群组
代码片段
帮助
当前项目
正在载入...
登录 / 注册
切换导航面板
D
dataease
项目
项目
详情
活动
周期分析
仓库
仓库
文件
提交
分支
标签
贡献者
图表
比较
统计图
议题
0
议题
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
CI / CD
CI / CD
流水线
作业
日程
统计图
Wiki
Wiki
代码片段
代码片段
成员
成员
折叠边栏
关闭边栏
活动
图像
聊天
创建新问题
作业
提交
问题看板
Open sidebar
zhu
dataease
Commits
253e4810
Unverified
提交
253e4810
authored
2月 08, 2022
作者:
fit2cloud-chenyw
提交者:
GitHub
2月 08, 2022
浏览文件
操作
浏览文件
下载
差异文件
Merge pull request #1739 from dataease/pr@dev@refactor_api_auth_admin
fix: api权限单独处理admin
上级
a846a8fe
81fe530f
隐藏空白字符变更
内嵌
并排
正在显示
1 个修改的文件
包含
18 行增加
和
10 行删除
+18
-10
DePermissionAnnotationHandler.java
...a/io/dataease/auth/aop/DePermissionAnnotationHandler.java
+18
-10
没有找到文件。
backend/src/main/java/io/dataease/auth/aop/DePermissionAnnotationHandler.java
浏览文件 @
253e4810
...
@@ -27,7 +27,11 @@ public class DePermissionAnnotationHandler {
...
@@ -27,7 +27,11 @@ public class DePermissionAnnotationHandler {
@Around
(
value
=
"@annotation(io.dataease.auth.annotation.DePermissions)"
)
@Around
(
value
=
"@annotation(io.dataease.auth.annotation.DePermissions)"
)
public
Object
PermissionsAround
(
ProceedingJoinPoint
point
)
{
public
Object
PermissionsAround
(
ProceedingJoinPoint
point
)
{
try
{
try
{
if
(
AuthUtils
.
getUser
().
getIsAdmin
())
{
return
point
.
proceed
(
point
.
getArgs
());
}
MethodSignature
ms
=
(
MethodSignature
)
point
.
getSignature
();
MethodSignature
ms
=
(
MethodSignature
)
point
.
getSignature
();
Method
method
=
ms
.
getMethod
();
Method
method
=
ms
.
getMethod
();
DePermissions
annotation
=
method
.
getAnnotation
(
DePermissions
.
class
);
DePermissions
annotation
=
method
.
getAnnotation
(
DePermissions
.
class
);
...
@@ -47,13 +51,13 @@ public class DePermissionAnnotationHandler {
...
@@ -47,13 +51,13 @@ public class DePermissionAnnotationHandler {
Boolean
someAccess
=
false
;
Boolean
someAccess
=
false
;
for
(
int
i
=
0
;
i
<
dePermissions
.
length
;
i
++)
{
for
(
int
i
=
0
;
i
<
dePermissions
.
length
;
i
++)
{
DePermission
permission
=
dePermissions
[
i
];
DePermission
permission
=
dePermissions
[
i
];
try
{
try
{
boolean
currentAccess
=
access
(
args
[
permission
.
paramIndex
()],
permission
,
0
);
boolean
currentAccess
=
access
(
args
[
permission
.
paramIndex
()],
permission
,
0
);
if
(
currentAccess
)
{
if
(
currentAccess
)
{
someAccess
=
true
;
someAccess
=
true
;
break
;
break
;
}
}
}
catch
(
Exception
e
)
{
}
catch
(
Exception
e
)
{
exceptions
.
add
(
e
);
exceptions
.
add
(
e
);
}
}
}
}
...
@@ -71,6 +75,9 @@ public class DePermissionAnnotationHandler {
...
@@ -71,6 +75,9 @@ public class DePermissionAnnotationHandler {
@Around
(
value
=
"@annotation(io.dataease.auth.annotation.DePermission)"
)
@Around
(
value
=
"@annotation(io.dataease.auth.annotation.DePermission)"
)
public
Object
PermissionAround
(
ProceedingJoinPoint
point
)
{
public
Object
PermissionAround
(
ProceedingJoinPoint
point
)
{
try
{
try
{
if
(
AuthUtils
.
getUser
().
getIsAdmin
())
{
return
point
.
proceed
(
point
.
getArgs
());
}
MethodSignature
ms
=
(
MethodSignature
)
point
.
getSignature
();
MethodSignature
ms
=
(
MethodSignature
)
point
.
getSignature
();
Method
method
=
ms
.
getMethod
();
Method
method
=
ms
.
getMethod
();
...
@@ -88,20 +95,22 @@ public class DePermissionAnnotationHandler {
...
@@ -88,20 +95,22 @@ public class DePermissionAnnotationHandler {
}
}
private
Boolean
access
(
Object
arg
,
DePermission
annotation
,
int
layer
)
throws
Exception
{
private
Boolean
access
(
Object
arg
,
DePermission
annotation
,
int
layer
)
throws
Exception
{
if
(
ObjectUtils
.
isEmpty
(
arg
))
return
true
;
if
(
ObjectUtils
.
isEmpty
(
arg
))
return
true
;
String
type
=
annotation
.
type
().
name
().
toLowerCase
();
String
type
=
annotation
.
type
().
name
().
toLowerCase
();
String
value
=
annotation
.
value
();
String
value
=
annotation
.
value
();
Integer
requireLevel
=
annotation
.
level
().
getLevel
();
Integer
requireLevel
=
annotation
.
level
().
getLevel
();
Set
<
String
>
resourceIds
=
AuthUtils
.
permissionByType
(
type
).
stream
().
filter
(
Set
<
String
>
resourceIds
=
AuthUtils
.
permissionByType
(
type
).
stream
().
filter
(
item
->
item
.
getLevel
()
>=
requireLevel
item
->
item
.
getLevel
()
>=
requireLevel
).
map
(
AuthItem:
:
getAuthSource
).
collect
(
Collectors
.
toSet
());
).
map
(
AuthItem:
:
getAuthSource
).
collect
(
Collectors
.
toSet
());
Class
<?>
parameterType
=
arg
.
getClass
();
Class
<?>
parameterType
=
arg
.
getClass
();
if
(
parameterType
.
isPrimitive
()
||
isWrapClass
(
parameterType
)
||
isString
(
parameterType
))
{
if
(
parameterType
.
isPrimitive
()
||
isWrapClass
(
parameterType
)
||
isString
(
parameterType
))
{
boolean
permissionValid
=
resourceIds
.
contains
(
arg
);
boolean
permissionValid
=
resourceIds
.
contains
(
arg
);
if
(
permissionValid
)
return
true
;
if
(
permissionValid
)
throw
new
UnauthorizedException
(
"Subject does not have permission["
+
annotation
.
level
().
name
()
+
":"
+
annotation
.
type
()
+
":"
+
arg
+
"]"
);
return
true
;
throw
new
UnauthorizedException
(
"Subject does not have permission["
+
annotation
.
level
().
name
()
+
":"
+
annotation
.
type
()
+
":"
+
arg
+
"]"
);
}
else
if
(
isArray
(
parameterType
))
{
}
else
if
(
isArray
(
parameterType
))
{
for
(
int
i
=
0
;
i
<
Array
.
getLength
(
arg
);
i
++)
{
for
(
int
i
=
0
;
i
<
Array
.
getLength
(
arg
);
i
++)
{
Object
o
=
Array
.
get
(
arg
,
i
);
Object
o
=
Array
.
get
(
arg
,
i
);
...
@@ -124,7 +133,7 @@ public class DePermissionAnnotationHandler {
...
@@ -124,7 +133,7 @@ public class DePermissionAnnotationHandler {
Object
o
=
argMap
.
get
(
values
[
layer
]);
Object
o
=
argMap
.
get
(
values
[
layer
]);
return
access
(
o
,
annotation
,
++
layer
);
return
access
(
o
,
annotation
,
++
layer
);
}
else
{
}
else
{
//当作自定义类处理
//
当作自定义类处理
String
[]
values
=
value
.
split
(
"u002E"
);
String
[]
values
=
value
.
split
(
"u002E"
);
String
fieldName
=
values
[
layer
];
String
fieldName
=
values
[
layer
];
...
@@ -135,7 +144,7 @@ public class DePermissionAnnotationHandler {
...
@@ -135,7 +144,7 @@ public class DePermissionAnnotationHandler {
return
true
;
return
true
;
}
}
private
Object
getFieldValue
(
Object
o
,
String
fieldName
)
throws
Exception
{
private
Object
getFieldValue
(
Object
o
,
String
fieldName
)
throws
Exception
{
Class
<?>
aClass
=
o
.
getClass
();
Class
<?>
aClass
=
o
.
getClass
();
while
(
null
!=
aClass
.
getSuperclass
())
{
while
(
null
!=
aClass
.
getSuperclass
())
{
Field
[]
declaredFields
=
aClass
.
getDeclaredFields
();
Field
[]
declaredFields
=
aClass
.
getDeclaredFields
();
...
@@ -183,5 +192,4 @@ public class DePermissionAnnotationHandler {
...
@@ -183,5 +192,4 @@ public class DePermissionAnnotationHandler {
return
Arrays
.
stream
(
wrapClasies
).
anyMatch
(
item
->
StringUtils
.
equals
(
item
,
clz
.
getName
()));
return
Arrays
.
stream
(
wrapClasies
).
anyMatch
(
item
->
StringUtils
.
equals
(
item
,
clz
.
getName
()));
}
}
}
}
编写
预览
Markdown
格式
0%
重试
或
添加新文件
添加附件
取消
您添加了
0
人
到此讨论。请谨慎行事。
请先完成此评论的编辑!
取消
请
注册
或者
登录
后发表评论
