|
@@ -20,9 +20,7 @@ import org.springframework.web.context.request.ServletRequestAttributes;
|
|
|
import javax.servlet.http.HttpServletRequest;
|
|
import javax.servlet.http.HttpServletRequest;
|
|
|
import java.lang.reflect.Field;
|
|
import java.lang.reflect.Field;
|
|
|
import java.lang.reflect.Method;
|
|
import java.lang.reflect.Method;
|
|
|
-import java.util.HashMap;
|
|
|
|
|
-import java.util.List;
|
|
|
|
|
-import java.util.Map;
|
|
|
|
|
|
|
+import java.util.*;
|
|
|
|
|
|
|
|
/**
|
|
/**
|
|
|
* @Description:
|
|
* @Description:
|
|
@@ -30,9 +28,15 @@ import java.util.Map;
|
|
|
* @time: 2020/2/17 14:57
|
|
* @time: 2020/2/17 14:57
|
|
|
*/
|
|
*/
|
|
|
@Slf4j
|
|
@Slf4j
|
|
|
|
|
+@Component
|
|
|
public class PermissionUtil {
|
|
public class PermissionUtil {
|
|
|
|
|
+
|
|
|
|
|
+ private static PermissionFacade permissionFacade;
|
|
|
|
|
+
|
|
|
@Autowired
|
|
@Autowired
|
|
|
- private PermissionFacade permissionFacade;
|
|
|
|
|
|
|
+ public void PermissionUtil(PermissionFacade permissionFacade) {
|
|
|
|
|
+ PermissionUtil.permissionFacade = permissionFacade;
|
|
|
|
|
+ }
|
|
|
|
|
|
|
|
/**
|
|
/**
|
|
|
* 功能可配置权限拦截
|
|
* 功能可配置权限拦截
|
|
@@ -45,7 +49,7 @@ public class PermissionUtil {
|
|
|
ServletRequestAttributes sra = (ServletRequestAttributes) ra;
|
|
ServletRequestAttributes sra = (ServletRequestAttributes) ra;
|
|
|
HttpServletRequest request = sra.getRequest();
|
|
HttpServletRequest request = sra.getRequest();
|
|
|
//忽略机制
|
|
//忽略机制
|
|
|
- if (matchPermitAllUrl(request,ignoreUrl)){
|
|
|
|
|
|
|
+ if (matchPermitAllUrl(request, ignoreUrl)) {
|
|
|
return;
|
|
return;
|
|
|
}
|
|
}
|
|
|
//验证机制
|
|
//验证机制
|
|
@@ -90,7 +94,7 @@ public class PermissionUtil {
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
if (!noParam && !hasParam) {
|
|
if (!noParam && !hasParam) {
|
|
|
- throw new CommonException(CommonErrorCode.NO_PERMISSION, "当前医院没有开通此功能!");
|
|
|
|
|
|
|
+ throw new CommonException(CommonErrorCode.NO_PERMISSION);
|
|
|
}
|
|
}
|
|
|
//todo 验证参数
|
|
//todo 验证参数
|
|
|
Object[] args = joinPoint.getArgs();
|
|
Object[] args = joinPoint.getArgs();
|
|
@@ -126,22 +130,27 @@ public class PermissionUtil {
|
|
|
String value = (String) obj;
|
|
String value = (String) obj;
|
|
|
String[] valueArr = value.split(",|,");
|
|
String[] valueArr = value.split(",|,");
|
|
|
Set<String> valueSet = new HashSet<>(Arrays.asList(valueArr));
|
|
Set<String> valueSet = new HashSet<>(Arrays.asList(valueArr));
|
|
|
- Boolean flag = false;
|
|
|
|
|
- System.out.println(flag.toString());
|
|
|
|
|
|
|
+ Boolean hasPermission = false;
|
|
|
for (String permissionParamValue : permissionParamValueSet) {
|
|
for (String permissionParamValue : permissionParamValueSet) {
|
|
|
Set paramValueSet = new HashSet<>(Arrays.asList(permissionParamValue.split(",|,")));
|
|
Set paramValueSet = new HashSet<>(Arrays.asList(permissionParamValue.split(",|,")));
|
|
|
if (paramValueSet.containsAll(valueSet)) {
|
|
if (paramValueSet.containsAll(valueSet)) {
|
|
|
- flag = true;
|
|
|
|
|
|
|
+ hasPermission = true;
|
|
|
break;
|
|
break;
|
|
|
}
|
|
}
|
|
|
}
|
|
}
|
|
|
- if (!flag) {
|
|
|
|
|
- throw new CommonException(CommonErrorCode.NO_PERMISSION, "当前医院没有开通此功能!");
|
|
|
|
|
|
|
+ if (!hasPermission) {
|
|
|
|
|
+ throw new CommonException(CommonErrorCode.NO_PERMISSION);
|
|
|
}
|
|
}
|
|
|
} else if (type.equals("class java.lang.Boolean")) {
|
|
} else if (type.equals("class java.lang.Boolean")) {
|
|
|
Boolean value = (Boolean) obj;
|
|
Boolean value = (Boolean) obj;
|
|
|
- if (!permissionParamValueSet.contains(value.toString())) {
|
|
|
|
|
- throw new CommonException(CommonErrorCode.NO_PERMISSION, "当前医院没有开通此功能!");
|
|
|
|
|
|
|
+ Boolean hasPermission = false;
|
|
|
|
|
+ for (String str : permissionParamValueSet) {
|
|
|
|
|
+ if (str.toLowerCase().equals(value.toString().toLowerCase())) {
|
|
|
|
|
+ hasPermission = true;
|
|
|
|
|
+ }
|
|
|
|
|
+ }
|
|
|
|
|
+ if (!hasPermission) {
|
|
|
|
|
+ throw new CommonException(CommonErrorCode.NO_PERMISSION);
|
|
|
}
|
|
}
|
|
|
}
|
|
}
|
|
|
}
|
|
}
|
zhaops