权限菜单刷本地缓存

gic-enterprise-base-api/src/main/java/com/gic/enterprise/utils/UserDetail.java

@@ -8,6 +8,8 @@ import com.gic.enterprise.base.UserResourceInfo;
 import java.io.Serializable;
 import java.util.List;
 import java.util.Map;
+import java.util.Set;
+
 /**
  * session
  * @ClassName: UserDetail

@@ -21,13 +23,9 @@ public class UserDetail implements Serializable {
     private EnterpriseInfo enterpriseInfo;
     private UserResourceInfo userResourceInfo;
     /**
-     * 用户登陆所有拥有的菜单权限，用于权限拦截
+     * 用户登陆所有拥有的菜单权限，用于权限拦截，存放menu_id
      */
-    private Map<String, Object> menuUrlMap;
-
-    private List<MenuInfo> menuInfoList;
-
-    private Map<String, MenuInfo> moduleUrlMap;
+    private Set<Integer> menuIdSet;
 
     public Integer getUserId() {
         return userId;
@@ -65,27 +63,12 @@ public class UserDetail implements Serializable {
         this.userResourceInfo = userResourceInfo;
     }
 
-    public Map<String, Object> getMenuUrlMap() {
-        return menuUrlMap;
-    }
-
-    public void setMenuUrlMap(Map<String, Object> menuUrlMap) {
-        this.menuUrlMap = menuUrlMap;
-    }
-
-    public List<MenuInfo> getMenuInfoList() {
-        return menuInfoList;
-    }
-
-    public void setMenuInfoList(List<MenuInfo> menuInfoList) {
-        this.menuInfoList = menuInfoList;
-    }
-
-    public Map<String, MenuInfo> getModuleUrlMap() {
-        return moduleUrlMap;
+    public Set<Integer> getMenuIdSet() {
+        return menuIdSet;
     }
 
-    public void setModuleUrlMap(Map<String, MenuInfo> moduleUrlMap) {
-        this.moduleUrlMap = moduleUrlMap;
+    public UserDetail setMenuIdSet(Set<Integer> menuIdSet) {
+        this.menuIdSet = menuIdSet;
+        return this;
     }
 }

gic-enterprise-common/src/main/java/com/gic/enterprise/interceptor/AuthInterceptor.java

@@ -8,6 +8,7 @@ import com.gic.enterprise.context.UserContext;
 import com.gic.enterprise.error.ErrorCode;
 import com.gic.enterprise.exception.CommonException;
 import com.gic.enterprise.utils.UserDetail;
+import com.gic.redis.data.util.RedisUtil;
 import org.apache.commons.collections.CollectionUtils;
 import org.apache.commons.lang.StringUtils;
 import org.apache.dubbo.rpc.RpcContext;
@@ -21,6 +22,9 @@ import javax.servlet.http.HttpServletResponse;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
+import java.util.Set;
+import java.util.stream.Collector;
+import java.util.stream.Collectors;
 
 /**
  * 权限拦截
@@ -33,6 +37,8 @@ public class AuthInterceptor extends HandlerInterceptorAdapter {
 
     private static final Logger log = LogManager.getLogger(AuthInterceptor.class);
 
+    private static final String MENU_LOCAL_CACHE_KEY = "auth:menu:list:all";
+
     private static final Map<String, Object> ignoreUriBeforeLoginMap = new HashMap<>(16);
     private static final Map<String, Object> ignoreUriAfterLoginMap = new HashMap<>(16);
     static {
@@ -64,14 +70,6 @@ public class AuthInterceptor extends HandlerInterceptorAdapter {
         //获取uri
         String uri = request.getRequestURI();
         log.info("权限拦截token url：{}", uri);
-
-
-        //操作项标志位
-        String isControl = request.getHeader("isControl");
-        //是否是操作项请求
-        boolean isOperationItemRequest = StringUtils.isNotBlank(isControl);
-        log.info("用户接口访问标志：{}", isControl);
-        log.info("用户接口访问路由：{}", uri);
         //不需要拦截的路径
         if (ignoreUriBeforeLoginMap.containsKey(uri)) {
             return true;
@@ -97,41 +95,51 @@ public class AuthInterceptor extends HandlerInterceptorAdapter {
         if (ignoreUriAfterLoginMap.containsKey(uri)) {
             return true;
         }
-        //接口调用，操作项类型的操作，需要 获取操作模块，一级、二级的ID和名称
-        if (isOperationItemRequest) {
-            setOperationModule(request, userDetail);
+
+        //本地缓存数据(login的时候塞入)
+        Object menuLocaleCache = RedisUtil.getLocalCache(MENU_LOCAL_CACHE_KEY);
+        if (menuLocaleCache == null) {
+            throw new CommonException(ErrorCode.SYSTEM_ERROR.getErrorCode(), "sorry，您无该页面的访问权限，请联系超级管理员！");
         }
+        List<MenuInfo> localeCacheData = (List<MenuInfo>) object;
+        //操作模块数据
+        Map<String, MenuInfo> moduleMap = new HashMap<>(16);
+        //用户操作项数据
+        Map<String, MenuInfo> operationMap = new HashMap<>(16);
+        localeCacheData.forEach(e -> {
+            operationMap.put(e.getMenuId().toString(), e);
+            if (StringUtils.isNotBlank(e.getMenuUrl())) {
+                moduleMap.put(e.getProjectUrlForWeb() + e.getMenuUrl(), e);
+            }
+        });
+        //接口调用，操作项类型的操作，需要 获取操作模块，一级、二级的ID和名称
+        setOperationModule(request, localeCacheData, moduleMap);
 
-        //超级管理员不限制
-        if (userDetail.getUserInfo().getSuperAdmin().intValue() == 1) {
+        //判断是否有权限
+        Set<Integer> menuAuthSet = userDetail.getMenuIdSet();
+
+        if (menuAuthSet.isEmpty()) {
             return true;
         }
-        //判断是否有权限
-        Map<String, Object> menuUrlMap = userDetail.getMenuUrlMap();
-        if (menuUrlMap == null || menuUrlMap.isEmpty()) {
+        boolean isNoAuth = !menuAuthSet.isEmpty() && menuAuthSet.contains(-1);
+        if (isNoAuth) {
             throw new CommonException(ErrorCode.SYSTEM_ERROR.getErrorCode(), "sorry，您无该页面的访问权限，请联系超级管理员！");
         }
-
-        if (isOperationItemRequest) {
-            //说明是操作项
-            //如果匹配上了，说明是没权限
-            if (menuUrlMap.containsKey(uri)) {
-                throw new CommonException(ErrorCode.SYSTEM_ERROR.getErrorCode(), "sorry，您无该页面的访问权限，请联系超级管理员！");
-            }
-        } else {
-            //说明是页面
-            //如果没有匹配上，说明没权限
-            if (!menuUrlMap.containsKey(uri)) {
-                throw new CommonException(ErrorCode.SYSTEM_ERROR.getErrorCode(), "sorry，您无该页面的访问权限，请联系超级管理员！");
+        Set<String> uriSet = menuAuthSet.stream().map(e -> {
+            MenuInfo temp = operationMap.get(e.toString());
+            if (temp != null) {
+                return temp.getMenuUrl();
             }
+            return "";
+        }).collect(Collectors.toSet());
+        //如果匹配上了，说明是没权限
+        if (uriSet.contains(uri)) {
+            throw new CommonException(ErrorCode.SYSTEM_ERROR.getErrorCode(), "sorry，您无该页面的访问权限，请联系超级管理员！");
         }
-
         return true;
     }
 
-    private void setOperationModule(HttpServletRequest request, UserDetail userDetail) {
-        List<MenuInfo> menuInfoList = userDetail.getMenuInfoList();
-        Map<String, MenuInfo> moduleUrlMap = userDetail.getModuleUrlMap();
+    private void setOperationModule(HttpServletRequest request, List<MenuInfo> localeCacheData, Map<String, MenuInfo> moduleMap) {
         //页面路径
         String moduleUrl = request.getHeader("Referer");
         log.info("完整路由：{}", moduleUrl);
@@ -141,9 +149,9 @@ public class AuthInterceptor extends HandlerInterceptorAdapter {
         moduleUrl = getModuleUrl(moduleUrl);
         log.info("操作模块的路由：{}", moduleUrl);
         //获取当前操作项数据
-        MenuInfo menuInfo = moduleUrlMap.get(moduleUrl);
+        MenuInfo menuInfo = moduleMap.get(moduleUrl);
         if (menuInfo != null) {
-            Map<String, MenuInfo> tempMap = listToMap(menuInfoList);
+            Map<String, MenuInfo> tempMap = listToMap(localeCacheData);
             log.info("接口的菜单信息:{}", JSON.toJSONString(menuInfo));
 
             Integer temp = menuInfo.getMenuId();