加入忽略机制

common-biz-client/pom.xml

@@ -57,6 +57,13 @@
             <version>0.0.1-SNAPSHOT</version>
             <scope>provided</scope>
         </dependency>
+
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-web</artifactId>
+            <version>5.2.1.RELEASE</version>
+            <scope>provided</scope>
+        </dependency>
     </dependencies>
 
     <!-- 私有仓库 -->

common-biz-client/src/main/java/com/diagbot/util/PermissionUtil.java

@@ -8,6 +8,7 @@ import org.aspectj.lang.JoinPoint;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.core.DefaultParameterNameDiscoverer;
 import org.springframework.core.ParameterNameDiscoverer;
+import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
 import org.springframework.web.context.request.RequestAttributes;
 import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
@@ -15,6 +16,7 @@ import org.springframework.web.context.request.ServletRequestAttributes;
 import javax.servlet.http.HttpServletRequest;
 import java.lang.reflect.Method;
 import java.util.HashMap;
+import java.util.List;
 import java.util.Map;
 
 /**
@@ -33,10 +35,15 @@ public class PermissionUtil {
      * @param joinPoint
      * @param sysType
      */
-    public static void permissionAspect(JoinPoint joinPoint, Integer sysType) {
+    public static void permissionAspect(JoinPoint joinPoint, Integer sysType, List<String> ignoreUrl) {
         RequestAttributes ra = RequestContextHolder.getRequestAttributes();
         ServletRequestAttributes sra = (ServletRequestAttributes) ra;
         HttpServletRequest request = sra.getRequest();
+        //忽略机制
+        if (matchPermitAllUrl(request,ignoreUrl)){
+            return;
+        }
+        //验证机制
         //head里面是否有hospitalCode；
         String hospitalCode = request.getHeader("hospitalCode");
         if (StringUtil.isBlank(hospitalCode)) {
@@ -106,4 +113,24 @@ public class PermissionUtil {
             put("java.lang.Char", char.class);
         }
     };
+
+    private static Boolean matchPermitAllUrl(HttpServletRequest request, List<String> ignoreUrl) {
+        if (ListUtil.isNotEmpty(ignoreUrl)) {
+            for (String url : ignoreUrl) {
+                if (matchers(url, request)) {
+                    return true;
+                }
+            }
+        }
+        return false;
+    }
+
+    private static Boolean matchers(String url, HttpServletRequest request) {
+        AntPathRequestMatcher matcher = new AntPathRequestMatcher(url);
+        if (matcher.matches(request)) {
+            return true;
+        }
+        return false;
+    }
+
 }

data-service/src/main/java/com/diagbot/aop/PermissionAspect.java

@@ -9,6 +9,10 @@ import org.aspectj.lang.annotation.Pointcut;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.stereotype.Component;
 
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+
 /**
  * @Description: 接口权限拦截
  * @author: gaodm
@@ -18,6 +22,8 @@ import org.springframework.stereotype.Component;
 @Component
 @ConditionalOnProperty(prefix = "permission", value = { "enable" }, havingValue = "true")
 public class PermissionAspect {
+    //忽略URL列表
+    private final static List<String> ignoreUrl = Arrays.asList();
 
     //切所有Controller
     @Pointcut("execution(* com.diagbot.web..*.*(..))")
@@ -27,6 +33,6 @@ public class PermissionAspect {
     @Before("pointcutController()")
     public void permissionIntercept(JoinPoint joinPoint) {
         //权限拦截
-        PermissionUtil.permissionAspect(joinPoint, SysTypeEnum.DATA_SERVICE.getKey());
+        PermissionUtil.permissionAspect(joinPoint, SysTypeEnum.DATA_SERVICE.getKey(), ignoreUrl);
     }
 }

icss-service/src/main/java/com/diagbot/aop/PermissionAspect.java

@@ -9,6 +9,9 @@ import org.aspectj.lang.annotation.Pointcut;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.stereotype.Component;
 
+import java.util.Arrays;
+import java.util.List;
+
 /**
  * @Description: 接口权限拦截
  * @author: gaodm
@@ -18,6 +21,8 @@ import org.springframework.stereotype.Component;
 @Component
 @ConditionalOnProperty(prefix = "permission", value = { "enable" }, havingValue = "true")
 public class PermissionAspect {
+    //忽略URL列表
+    private final static List<String> ignoreUrl = Arrays.asList();
 
     //切所有Controller
     @Pointcut("execution(* com.diagbot.web..*.*(..))")
@@ -27,6 +32,6 @@ public class PermissionAspect {
     @Before("pointcutController()")
     public void permissionIntercept(JoinPoint joinPoint) {
         //权限拦截
-        PermissionUtil.permissionAspect(joinPoint, SysTypeEnum.ICSS_SERVICE.getKey());
+        PermissionUtil.permissionAspect(joinPoint, SysTypeEnum.ICSS_SERVICE.getKey(), ignoreUrl);
     }
 }

ltapi-service/src/main/java/com/diagbot/aop/PermissionAspect.java

@@ -9,6 +9,9 @@ import org.aspectj.lang.annotation.Pointcut;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.stereotype.Component;
 
+import java.util.Arrays;
+import java.util.List;
+
 /**
  * @Description: 接口权限拦截
  * @author: gaodm
@@ -18,6 +21,8 @@ import org.springframework.stereotype.Component;
 @Component
 @ConditionalOnProperty(prefix = "permission", value = { "enable" }, havingValue = "true")
 public class PermissionAspect {
+    //忽略URL列表
+    private final static List<String> ignoreUrl = Arrays.asList();
 
     //切所有Controller
     @Pointcut("execution(* com.diagbot.web..*.*(..))")
@@ -27,6 +32,6 @@ public class PermissionAspect {
     @Before("pointcutController()")
     public void permissionIntercept(JoinPoint joinPoint) {
         //权限拦截
-        PermissionUtil.permissionAspect(joinPoint, SysTypeEnum.LTAPI_SERVICE.getKey());
+        PermissionUtil.permissionAspect(joinPoint, SysTypeEnum.LTAPI_SERVICE.getKey(), ignoreUrl);
     }
 }