
【升级】更新permission aop,校验有没有url权限和校验特定角色不互斥

fengshuonan 4 years ago
parent
commit
197600dbbb

+ 16 - 16
guns-base-support/guns-system/src/main/java/cn/stylefeng/guns/sys/core/aop/PermissionAop.java

@ -48,7 +48,7 @@ import java.lang.reflect.Method;
/**
 * 权限过滤Aop切面
 *
 * @author xuyuxiang
 * @author xuyuxiang, fengshuonan
 * @date 2020/3/23 17:09
 */
@Aspect
@ -70,7 +70,7 @@ public class PermissionAop {
    /**
     * 执行权限过滤
     *
     * @author xuyuxiang
     * @author xuyuxiang, fengshuonan
     * @date 2020/3/23 17:14
     */
    @Before("getPermissionPointCut()")
@ -93,25 +93,25 @@ public class PermissionAop {
        // 逻辑类型
        LogicTypeEnum logicTypeEnum = permission.logicType();
        // 如果不需要特别的角色,则判断用户所属角色是否有当前访问的url的权限
        if (requireRoles.length == 0) {
            HttpServletRequest request = HttpServletUtil.getRequest();
            boolean flag = LoginContextHolder.me().hasPermission(request.getRequestURI());
            if (!flag) {
                this.executeNoPermissionExceptionLog(joinPoint, new PermissionException(PermissionExceptionEnum.NO_PERMISSION));
                throw new PermissionException(PermissionExceptionEnum.NO_PERMISSION);
            }
        } else {
            // 当前方法的权限需要一些特别的角色
            boolean flag = true;
        // 首先校验当前用户有没有 当前请求requestUri的权限
        HttpServletRequest request = HttpServletUtil.getRequest();
        boolean hasUriPermission = LoginContextHolder.me().hasPermission(request.getRequestURI());
        if (!hasUriPermission) {
            this.executeNoPermissionExceptionLog(joinPoint, new PermissionException(PermissionExceptionEnum.NO_PERMISSION));
            throw new PermissionException(PermissionExceptionEnum.NO_PERMISSION);
        }
        // 如果当前接口需要特定的角色权限,则校验参数上的特殊角色当前用户有没
        if (requireRoles.length != 0) {
            boolean hasSpecialRolePermission = true;
            if (LogicTypeEnum.AND.equals(logicTypeEnum)) {
                flag = LoginContextHolder.me().hasAllRole(StringUtils.join(requireRoles));
                hasSpecialRolePermission = LoginContextHolder.me().hasAllRole(StringUtils.join(requireRoles));
            } else if (LogicTypeEnum.OR.equals(logicTypeEnum)) {
                flag = LoginContextHolder.me().hasAnyRole(StringUtils.join(requireRoles));
                hasSpecialRolePermission = LoginContextHolder.me().hasAnyRole(StringUtils.join(requireRoles));
            } else {
                log.error(">>> permission注解逻辑枚举错误");
            }
            if (!flag) {
            if (!hasSpecialRolePermission) {
                this.executeNoPermissionExceptionLog(joinPoint, new PermissionException(PermissionExceptionEnum.NO_PERMISSION));
                throw new PermissionException(PermissionExceptionEnum.NO_PERMISSION);
            }
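Review bot: The role check in the last hunk still fails open: `hasSpecialRolePermission` is initialised to `true`, so when `permission.logicType()` is neither `AND` nor `OR` the `else` branch only logs an error and the request proceeds without any required role being verified. Defaulting to deny closes that path: `boolean hasSpecialRolePermission = false;`. It is also worth confirming that `StringUtils.join(requireRoles)` produces the delimiter that `hasAllRole`/`hasAnyRole` expect, since the import and those methods are not visible on this page. The method body starts before and continues after this hunk.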