|
@ -76,41 +76,44 @@ public class PermissionAop {
|
|
|
@Before("getPermissionPointCut()")
|
|
|
public void doPermission(JoinPoint joinPoint) {
|
|
|
|
|
|
//如果当前登录用户是超级管理员则不校验权限
|
|
|
// 如果是超级管理员,直接放过权限校验
|
|
|
boolean isSuperAdmin = LoginContextHolder.me().isSuperAdmin();
|
|
|
if (!isSuperAdmin) {
|
|
|
MethodSignature methodSignature = (MethodSignature) joinPoint.getSignature();
|
|
|
Method method = methodSignature.getMethod();
|
|
|
Permission permission = method.getAnnotation(Permission.class);
|
|
|
|
|
|
//当前方法需要的角色集合
|
|
|
String[] requireRoles = permission.value();
|
|
|
|
|
|
//逻辑类型
|
|
|
LogicTypeEnum logicTypeEnum = permission.logicType();
|
|
|
|
|
|
//如果不需要特别的角色,则判断用户所属角色是否有当前访问的url的权限
|
|
|
if (requireRoles.length == 0) {
|
|
|
HttpServletRequest request = HttpServletUtil.getRequest();
|
|
|
boolean flag = LoginContextHolder.me().hasPermission(request.getRequestURI());
|
|
|
if (!flag) {
|
|
|
this.executeNoPermissionExceptionLog(joinPoint, new PermissionException(PermissionExceptionEnum.NO_PERMISSION));
|
|
|
throw new PermissionException(PermissionExceptionEnum.NO_PERMISSION);
|
|
|
}
|
|
|
if (isSuperAdmin) {
|
|
|
return;
|
|
|
}
|
|
|
|
|
|
// 如果不是超级管理员,则开始进行权限校验
|
|
|
MethodSignature methodSignature = (MethodSignature) joinPoint.getSignature();
|
|
|
Method method = methodSignature.getMethod();
|
|
|
Permission permission = method.getAnnotation(Permission.class);
|
|
|
|
|
|
// 当前方法需要的角色集合
|
|
|
String[] requireRoles = permission.value();
|
|
|
|
|
|
// 逻辑类型
|
|
|
LogicTypeEnum logicTypeEnum = permission.logicType();
|
|
|
|
|
|
// 如果不需要特别的角色,则判断用户所属角色是否有当前访问的url的权限
|
|
|
if (requireRoles.length == 0) {
|
|
|
HttpServletRequest request = HttpServletUtil.getRequest();
|
|
|
boolean flag = LoginContextHolder.me().hasPermission(request.getRequestURI());
|
|
|
if (!flag) {
|
|
|
this.executeNoPermissionExceptionLog(joinPoint, new PermissionException(PermissionExceptionEnum.NO_PERMISSION));
|
|
|
throw new PermissionException(PermissionExceptionEnum.NO_PERMISSION);
|
|
|
}
|
|
|
} else {
|
|
|
// 当前方法的权限需要一些特别的角色
|
|
|
boolean flag = true;
|
|
|
if (LogicTypeEnum.AND.equals(logicTypeEnum)) {
|
|
|
flag = LoginContextHolder.me().hasAllRole(StringUtils.join(requireRoles));
|
|
|
} else if (LogicTypeEnum.OR.equals(logicTypeEnum)) {
|
|
|
flag = LoginContextHolder.me().hasAnyRole(StringUtils.join(requireRoles));
|
|
|
} else {
|
|
|
//当前方法的权限需要一些特别的角色
|
|
|
boolean flag = true;
|
|
|
if (LogicTypeEnum.AND.equals(logicTypeEnum)) {
|
|
|
flag = LoginContextHolder.me().hasAllRole(StringUtils.join(requireRoles));
|
|
|
} else if (LogicTypeEnum.OR.equals(logicTypeEnum)) {
|
|
|
flag = LoginContextHolder.me().hasAnyRole(StringUtils.join(requireRoles));
|
|
|
} else {
|
|
|
log.error(">>> permission注解逻辑枚举错误");
|
|
|
}
|
|
|
if (!flag) {
|
|
|
this.executeNoPermissionExceptionLog(joinPoint, new PermissionException(PermissionExceptionEnum.NO_PERMISSION));
|
|
|
throw new PermissionException(PermissionExceptionEnum.NO_PERMISSION);
|
|
|
}
|
|
|
log.error(">>> permission注解逻辑枚举错误");
|
|
|
}
|
|
|
if (!flag) {
|
|
|
this.executeNoPermissionExceptionLog(joinPoint, new PermissionException(PermissionExceptionEnum.NO_PERMISSION));
|
|
|
throw new PermissionException(PermissionExceptionEnum.NO_PERMISSION);
|
|
|
}
|
|
|
}
|
|
|
}
|
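Review bot: The role branch of `doPermission` still fails open: `boolean flag = true;` is only overwritten in the `AND` and `OR` arms, so the final `else` that logs `permission注解逻辑枚举错误` leaves `flag` true and the request passes without any role check. Start from deny instead, `boolean flag = false;`, or throw `PermissionException(PermissionExceptionEnum.NO_PERMISSION)` in that `else`, so a new or unexpected `LogicTypeEnum` value cannot grant access. `StringUtils.join(requireRoles)` is also called without a separator; which `StringUtils` this is cannot be seen here, but if it concatenates the names directly, a multi-role annotation becomes one fused role name, so the format `hasAllRole`/`hasAnyRole` expect should be confirmed and the delimiter passed explicitly. The `+`/`-` markers are lost on this page, so this reading takes the early-return version (`if (isSuperAdmin) { return; }`) as the new side.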