mirror of
https://github.com/luoye663/e5.git
synced 2025-10-27 01:15:26 +00:00
增加角色权限
This commit is contained in:
LuoYe_MyWork
@@ -36,32 +36,28 @@ public class WebExceptionAspect {
|
||||
/**
|
||||
* 拦截web层异常,记录异常日志,并返回友好信息到前端
|
||||
*
|
||||
* @param e
|
||||
* 异常对象
|
||||
* @param e 异常对象
|
||||
*/
|
||||
@AfterThrowing(pointcut = "bountyHunterPointcut()", throwing = "e")
|
||||
public void handleThrowing(JoinPoint joinPoint, Exception e) {
|
||||
//e.printStackTrace();
|
||||
/*if (null != user){
|
||||
log.error("发现异常!操作用户手机号:"+user.getMobile());
|
||||
}*/
|
||||
logger.error("发现异常!方法:"+ joinPoint.getSignature().getName()+"--->异常",e);
|
||||
long time = System.currentTimeMillis();
|
||||
logger.error("发现异常!方法:{} --->异常 {}, 异常ID: {}", joinPoint.getSignature().getName(), e, time);
|
||||
//这里输入友好性信息
|
||||
if (!StringUtils.isEmpty(e.getMessage())){
|
||||
logger.error("异常",e.getMessage());
|
||||
writeContent(500,e.getMessage());
|
||||
}else {
|
||||
writeContent(500,"十分抱歉,出现异常!程序猿小哥正在紧急抢修...");
|
||||
// writeContent(500, "十分抱歉,出现异常!程序猿小哥正在紧急抢修...", time);
|
||||
if (!StringUtils.isEmpty(e.getMessage())) {
|
||||
logger.error("异常", e.getMessage());
|
||||
writeContent(500, e.getMessage(),time);
|
||||
} else {
|
||||
writeContent(500, "十分抱歉,出现异常!程序猿小哥正在紧急抢修...", time);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* 将内容输出到浏览器
|
||||
*
|
||||
* @param content
|
||||
* 输出内容
|
||||
* @param content 输出内容
|
||||
*/
|
||||
public static void writeContent(Integer code,String content) {
|
||||
public static void writeContent(Integer code, String content, long time) {
|
||||
HttpServletResponse response = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes())
|
||||
.getResponse();
|
||||
response.setCharacterEncoding("UTF-8");
|
||||
@@ -72,10 +68,10 @@ public class WebExceptionAspect {
|
||||
try {
|
||||
writer = response.getWriter();
|
||||
jsonGenerator = (new ObjectMapper()).getFactory().createGenerator(writer);
|
||||
jsonGenerator.writeObject(ResultUtil.error(code,content));
|
||||
jsonGenerator.writeObject(ResultUtil.error(code, time, content));
|
||||
} catch (IOException e1) {
|
||||
e1.printStackTrace();
|
||||
}finally {
|
||||
} finally {
|
||||
writer.flush();
|
||||
writer.close();
|
||||
}
|
||||
|
||||
@@ -1,65 +0,0 @@
|
||||
package io.qyi.e5.config.security;
|
||||
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.security.access.AccessDecisionManager;
|
||||
import org.springframework.security.access.AccessDeniedException;
|
||||
import org.springframework.security.access.ConfigAttribute;
|
||||
import org.springframework.security.authentication.InsufficientAuthenticationException;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import java.util.Collection;
|
||||
import java.util.Iterator;
|
||||
|
||||
/**
|
||||
* 决策管理器
|
||||
*
|
||||
* @program: e5
|
||||
* @description:
|
||||
* @author: 落叶随风
|
||||
* @create: 2020-06-15 16:11
|
||||
**/
|
||||
@Slf4j
|
||||
@Service
|
||||
public class MyAccessDecisionManager implements AccessDecisionManager {
|
||||
@Override
|
||||
public void decide(Authentication authentication, Object o, Collection<ConfigAttribute> collection) throws AccessDeniedException, InsufficientAuthenticationException {
|
||||
if (collection == null) {
|
||||
return;
|
||||
}
|
||||
System.out.println(o.toString()); // object is a URL.
|
||||
log.info("object is a URL. {}", o.toString());
|
||||
//所请求的资源拥有的权限(一个资源对多个权限)
|
||||
Iterator<ConfigAttribute> iterator = collection.iterator();
|
||||
while (iterator.hasNext()) {
|
||||
ConfigAttribute configAttribute = iterator.next();
|
||||
//访问所请求资源所需要的权限
|
||||
String needPermission = configAttribute.getAttribute();
|
||||
log.info("访问 " + o.toString() + " 需要的权限是:" + needPermission);
|
||||
if (needPermission == null) {
|
||||
break;
|
||||
}
|
||||
//用户所拥有的权限authentication
|
||||
Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
|
||||
for (GrantedAuthority ga : authorities) {
|
||||
if (needPermission.equals(ga.getAuthority())) {
|
||||
return;
|
||||
}
|
||||
}
|
||||
}
|
||||
//没有权限
|
||||
throw new AccessDeniedException(" 无权限! ");
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean supports(ConfigAttribute configAttribute) {
|
||||
return true;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean supports(Class<?> aClass) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
@@ -1,68 +0,0 @@
|
||||
package io.qyi.e5.config.security;
|
||||
|
||||
import org.springframework.security.access.ConfigAttribute;
|
||||
import org.springframework.security.access.SecurityConfig;
|
||||
import org.springframework.security.web.FilterInvocation;
|
||||
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
|
||||
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import java.util.*;
|
||||
|
||||
/**
|
||||
* @program: e5
|
||||
* @description:
|
||||
* @author: 落叶随风
|
||||
* @create: 2020-06-17 16:25
|
||||
**/
|
||||
@Service
|
||||
public class MyInvocationSecurityMetadataSourceService implements FilterInvocationSecurityMetadataSource {
|
||||
|
||||
private HashMap<String, Collection<ConfigAttribute>> map =null;
|
||||
/**
|
||||
* 加载权限表中所有权限
|
||||
*/
|
||||
public void loadResourceDefine(){
|
||||
map = new HashMap<>();
|
||||
Collection<ConfigAttribute> array;
|
||||
ConfigAttribute cfg;
|
||||
List<Map<String, String>> permissions = new LinkedList<>();
|
||||
for(Map<String, String> permission : permissions) {
|
||||
array = new ArrayList<>();
|
||||
cfg = new SecurityConfig("ADMIN");
|
||||
//此处只添加了用户的名字,其实还可以添加更多权限的信息,例如请求方法到ConfigAttribute的集合中去。此处添加的信息将会作为MyAccessDecisionManager类的decide的第三个参数。
|
||||
array.add(cfg);
|
||||
//用权限的getUrl() 作为map的key,用ConfigAttribute的集合作为 value,
|
||||
map.put("/admin/test", array);
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public Collection<ConfigAttribute> getAttributes(Object o) throws IllegalArgumentException {
|
||||
if(map ==null) loadResourceDefine();
|
||||
//object 中包含用户请求的request 信息
|
||||
HttpServletRequest request = ((FilterInvocation) o).getHttpRequest();
|
||||
AntPathRequestMatcher matcher;
|
||||
String resUrl;
|
||||
for(Iterator<String> iter = map.keySet().iterator(); iter.hasNext(); ) {
|
||||
resUrl = iter.next();
|
||||
matcher = new AntPathRequestMatcher(resUrl);
|
||||
if(matcher.matches(request)) {
|
||||
return map.get(resUrl);
|
||||
}
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
|
||||
@Override
|
||||
public Collection<ConfigAttribute> getAllConfigAttributes() {
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean supports(Class<?> aClass) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
@@ -58,12 +58,11 @@ public class UsernamePasswordAuthenticationToken extends AbstractAuthenticationT
|
||||
|
||||
|
||||
// 创建已认证的用户密码认证对象
|
||||
public UsernamePasswordAuthenticationToken(String name, String avatar_url, int github_id,String Authority, Collection<? extends GrantedAuthority> authorities) {
|
||||
public UsernamePasswordAuthenticationToken(String name, String avatar_url, int github_id, Collection<? extends GrantedAuthority> authorities) {
|
||||
super(authorities);
|
||||
this.name = name;
|
||||
this.avatar_url = avatar_url;
|
||||
this.github_id = github_id;
|
||||
this.Authority = Authority;
|
||||
super.setAuthenticated(true);
|
||||
}
|
||||
|
||||
|
||||
@@ -28,7 +28,7 @@ import java.util.UUID;
|
||||
**/
|
||||
@RestController
|
||||
@RequestMapping("/admin")
|
||||
public class TestController {
|
||||
public class AdminController {
|
||||
@Autowired
|
||||
RabbitTemplate rabbitTemplate;
|
||||
|
||||
@@ -45,6 +45,7 @@ public class TestController {
|
||||
public void send() {
|
||||
Task.sendTaskOutlookMQ(19658189);
|
||||
}
|
||||
|
||||
@GetMapping("/sendAll")
|
||||
public String sendAll() {
|
||||
Task.sendTaskOutlookMQALL();
|
||||
@@ -9,7 +9,6 @@ package io.qyi.e5.service.task;
|
||||
public interface ITask {
|
||||
void sendTaskOutlookMQ(int github_id);
|
||||
void sendTaskOutlookMQALL();
|
||||
|
||||
void executeE5(int github_id);
|
||||
boolean executeE5(int github_id);
|
||||
|
||||
}
|
||||
|
||||
@@ -72,13 +72,13 @@ public class TaskImpl implements ITask {
|
||||
}
|
||||
|
||||
@Override
|
||||
public void executeE5(int github_id) {
|
||||
public boolean executeE5(int github_id) {
|
||||
Outlook Outlook = outlookService.getOne(new QueryWrapper<Outlook>().eq("github_id", github_id));
|
||||
if (Outlook == null) {
|
||||
logger.warn("未找到此用户,github_id: {}", github_id);
|
||||
return;
|
||||
return false;
|
||||
}
|
||||
outlookService.getMailList(Outlook);
|
||||
return outlookService.getMailList(Outlook);
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -31,6 +31,13 @@ public class ResultUtil extends Throwable {
|
||||
result.setMsg(msg);
|
||||
return result;
|
||||
}
|
||||
public static Result error(Integer code, long time, String msg) {
|
||||
Result result = new Result();
|
||||
result.setCode(code);
|
||||
result.setMsg(msg);
|
||||
result.setData(time);
|
||||
return result;
|
||||
}
|
||||
public static Result success(ResultEnum resultEnum, Object object) {
|
||||
Result result = new Result();
|
||||
result.setCode(resultEnum.getCode());
|
||||
|
||||
Reference in New Issue
Block a user