Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
G
gic-enterprise-base
Overview
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
base_platform_enterprise
gic-enterprise-base
Commits
4f950ba7
Commit
4f950ba7
authored
Sep 27, 2020
by
guojuxing
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
权限菜单刷本地缓存
parent
c647aeb9
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
50 additions
and
59 deletions
+50
-59
UserDetail.java
...pi/src/main/java/com/gic/enterprise/utils/UserDetail.java
+9
-26
AuthInterceptor.java
.../java/com/gic/enterprise/interceptor/AuthInterceptor.java
+41
-33
No files found.
gic-enterprise-base-api/src/main/java/com/gic/enterprise/utils/UserDetail.java
View file @
4f950ba7
...
...
@@ -8,6 +8,8 @@ import com.gic.enterprise.base.UserResourceInfo;
import
java.io.Serializable
;
import
java.util.List
;
import
java.util.Map
;
import
java.util.Set
;
/**
* session
* @ClassName: UserDetail
...
...
@@ -21,13 +23,9 @@ public class UserDetail implements Serializable {
private
EnterpriseInfo
enterpriseInfo
;
private
UserResourceInfo
userResourceInfo
;
/**
* 用户登陆所有拥有的菜单权限,用于权限拦截
* 用户登陆所有拥有的菜单权限,用于权限拦截
,存放menu_id
*/
private
Map
<
String
,
Object
>
menuUrlMap
;
private
List
<
MenuInfo
>
menuInfoList
;
private
Map
<
String
,
MenuInfo
>
moduleUrlMap
;
private
Set
<
Integer
>
menuIdSet
;
public
Integer
getUserId
()
{
return
userId
;
...
...
@@ -65,27 +63,12 @@ public class UserDetail implements Serializable {
this
.
userResourceInfo
=
userResourceInfo
;
}
public
Map
<
String
,
Object
>
getMenuUrlMap
()
{
return
menuUrlMap
;
}
public
void
setMenuUrlMap
(
Map
<
String
,
Object
>
menuUrlMap
)
{
this
.
menuUrlMap
=
menuUrlMap
;
}
public
List
<
MenuInfo
>
getMenuInfoList
()
{
return
menuInfoList
;
}
public
void
setMenuInfoList
(
List
<
MenuInfo
>
menuInfoList
)
{
this
.
menuInfoList
=
menuInfoList
;
}
public
Map
<
String
,
MenuInfo
>
getModuleUrlMap
()
{
return
moduleUrlMap
;
public
Set
<
Integer
>
getMenuIdSet
()
{
return
menuIdSet
;
}
public
void
setModuleUrlMap
(
Map
<
String
,
MenuInfo
>
moduleUrlMap
)
{
this
.
moduleUrlMap
=
moduleUrlMap
;
public
UserDetail
setMenuIdSet
(
Set
<
Integer
>
menuIdSet
)
{
this
.
menuIdSet
=
menuIdSet
;
return
this
;
}
}
gic-enterprise-common/src/main/java/com/gic/enterprise/interceptor/AuthInterceptor.java
View file @
4f950ba7
...
...
@@ -8,6 +8,7 @@ import com.gic.enterprise.context.UserContext;
import
com.gic.enterprise.error.ErrorCode
;
import
com.gic.enterprise.exception.CommonException
;
import
com.gic.enterprise.utils.UserDetail
;
import
com.gic.redis.data.util.RedisUtil
;
import
org.apache.commons.collections.CollectionUtils
;
import
org.apache.commons.lang.StringUtils
;
import
org.apache.dubbo.rpc.RpcContext
;
...
...
@@ -21,6 +22,9 @@ import javax.servlet.http.HttpServletResponse;
import
java.util.HashMap
;
import
java.util.List
;
import
java.util.Map
;
import
java.util.Set
;
import
java.util.stream.Collector
;
import
java.util.stream.Collectors
;
/**
* 权限拦截
...
...
@@ -33,6 +37,8 @@ public class AuthInterceptor extends HandlerInterceptorAdapter {
private
static
final
Logger
log
=
LogManager
.
getLogger
(
AuthInterceptor
.
class
);
private
static
final
String
MENU_LOCAL_CACHE_KEY
=
"auth:menu:list:all"
;
private
static
final
Map
<
String
,
Object
>
ignoreUriBeforeLoginMap
=
new
HashMap
<>(
16
);
private
static
final
Map
<
String
,
Object
>
ignoreUriAfterLoginMap
=
new
HashMap
<>(
16
);
static
{
...
...
@@ -64,14 +70,6 @@ public class AuthInterceptor extends HandlerInterceptorAdapter {
//获取uri
String
uri
=
request
.
getRequestURI
();
log
.
info
(
"权限拦截token url:{}"
,
uri
);
//操作项标志位
String
isControl
=
request
.
getHeader
(
"isControl"
);
//是否是操作项请求
boolean
isOperationItemRequest
=
StringUtils
.
isNotBlank
(
isControl
);
log
.
info
(
"用户接口访问标志:{}"
,
isControl
);
log
.
info
(
"用户接口访问路由:{}"
,
uri
);
//不需要拦截的路径
if
(
ignoreUriBeforeLoginMap
.
containsKey
(
uri
))
{
return
true
;
...
...
@@ -97,41 +95,51 @@ public class AuthInterceptor extends HandlerInterceptorAdapter {
if
(
ignoreUriAfterLoginMap
.
containsKey
(
uri
))
{
return
true
;
}
//接口调用,操作项类型的操作,需要 获取操作模块,一级、二级的ID和名称
if
(
isOperationItemRequest
)
{
setOperationModule
(
request
,
userDetail
);
//本地缓存数据(login的时候塞入)
Object
menuLocaleCache
=
RedisUtil
.
getLocalCache
(
MENU_LOCAL_CACHE_KEY
);
if
(
menuLocaleCache
==
null
)
{
throw
new
CommonException
(
ErrorCode
.
SYSTEM_ERROR
.
getErrorCode
(),
"sorry,您无该页面的访问权限,请联系超级管理员!"
);
}
List
<
MenuInfo
>
localeCacheData
=
(
List
<
MenuInfo
>)
object
;
//操作模块数据
Map
<
String
,
MenuInfo
>
moduleMap
=
new
HashMap
<>(
16
);
//用户操作项数据
Map
<
String
,
MenuInfo
>
operationMap
=
new
HashMap
<>(
16
);
localeCacheData
.
forEach
(
e
->
{
operationMap
.
put
(
e
.
getMenuId
().
toString
(),
e
);
if
(
StringUtils
.
isNotBlank
(
e
.
getMenuUrl
()))
{
moduleMap
.
put
(
e
.
getProjectUrlForWeb
()
+
e
.
getMenuUrl
(),
e
);
}
});
//接口调用,操作项类型的操作,需要 获取操作模块,一级、二级的ID和名称
setOperationModule
(
request
,
localeCacheData
,
moduleMap
);
//判断是否有权限
Set
<
Integer
>
menuAuthSet
=
userDetail
.
getMenuIdSet
();
//超级管理员不限制
if
(
userDetail
.
getUserInfo
().
getSuperAdmin
().
intValue
()
==
1
)
{
if
(
menuAuthSet
.
isEmpty
())
{
return
true
;
}
//判断是否有权限
Map
<
String
,
Object
>
menuUrlMap
=
userDetail
.
getMenuUrlMap
();
if
(
menuUrlMap
==
null
||
menuUrlMap
.
isEmpty
())
{
boolean
isNoAuth
=
!
menuAuthSet
.
isEmpty
()
&&
menuAuthSet
.
contains
(-
1
);
if
(
isNoAuth
)
{
throw
new
CommonException
(
ErrorCode
.
SYSTEM_ERROR
.
getErrorCode
(),
"sorry,您无该页面的访问权限,请联系超级管理员!"
);
}
if
(
isOperationItemRequest
)
{
//说明是操作项
//如果匹配上了,说明是没权限
if
(
menuUrlMap
.
containsKey
(
uri
))
{
throw
new
CommonException
(
ErrorCode
.
SYSTEM_ERROR
.
getErrorCode
(),
"sorry,您无该页面的访问权限,请联系超级管理员!"
);
Set
<
String
>
uriSet
=
menuAuthSet
.
stream
().
map
(
e
->
{
MenuInfo
temp
=
operationMap
.
get
(
e
.
toString
());
if
(
temp
!=
null
)
{
return
temp
.
getMenuUrl
();
}
}
else
{
//说明是页面
//如果没有匹配上,说明
没权限
if
(!
menuUrlMap
.
containsKey
(
uri
))
{
return
""
;
}).
collect
(
Collectors
.
toSet
());
//如果匹配上了,说明是
没权限
if
(
uriSet
.
contains
(
uri
))
{
throw
new
CommonException
(
ErrorCode
.
SYSTEM_ERROR
.
getErrorCode
(),
"sorry,您无该页面的访问权限,请联系超级管理员!"
);
}
}
return
true
;
}
private
void
setOperationModule
(
HttpServletRequest
request
,
UserDetail
userDetail
)
{
List
<
MenuInfo
>
menuInfoList
=
userDetail
.
getMenuInfoList
();
Map
<
String
,
MenuInfo
>
moduleUrlMap
=
userDetail
.
getModuleUrlMap
();
private
void
setOperationModule
(
HttpServletRequest
request
,
List
<
MenuInfo
>
localeCacheData
,
Map
<
String
,
MenuInfo
>
moduleMap
)
{
//页面路径
String
moduleUrl
=
request
.
getHeader
(
"Referer"
);
log
.
info
(
"完整路由:{}"
,
moduleUrl
);
...
...
@@ -141,9 +149,9 @@ public class AuthInterceptor extends HandlerInterceptorAdapter {
moduleUrl
=
getModuleUrl
(
moduleUrl
);
log
.
info
(
"操作模块的路由:{}"
,
moduleUrl
);
//获取当前操作项数据
MenuInfo
menuInfo
=
module
Url
Map
.
get
(
moduleUrl
);
MenuInfo
menuInfo
=
moduleMap
.
get
(
moduleUrl
);
if
(
menuInfo
!=
null
)
{
Map
<
String
,
MenuInfo
>
tempMap
=
listToMap
(
menuInfoList
);
Map
<
String
,
MenuInfo
>
tempMap
=
listToMap
(
localeCacheData
);
log
.
info
(
"接口的菜单信息:{}"
,
JSON
.
toJSONString
(
menuInfo
));
Integer
temp
=
menuInfo
.
getMenuId
();
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
