From b11350f61b0a1fcdf92a273401c13f989796b25f Mon Sep 17 00:00:00 2001
From: huangge1199
Date: Mon, 30 Jun 2025 16:04:23 +0800
Subject: [PATCH] =?UTF-8?q?=E7=94=A8=E6=88=B7=E6=A8=A1=E5=9D=97=EF=BC=9A?= =?UTF-8?q?=E7=94=A8=E6=88=B7=E6=9D=83=E9=99=90=E6=8E=A7=E5=88=B6?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
.../picture/annotation/AuthCheck.java | 23 +++++++
.../picture/aop/AuthInterceptor.java | 66 +++++++++++++++++++
2 files changed, 89 insertions(+)
create mode 100644 src/main/java/com/huangge1199/picture/annotation/AuthCheck.java
create mode 100644 src/main/java/com/huangge1199/picture/aop/AuthInterceptor.java
diff --git a/src/main/java/com/huangge1199/picture/annotation/AuthCheck.java b/src/main/java/com/huangge1199/picture/annotation/AuthCheck.java
new file mode 100644
index 0000000..e82578a
--- /dev/null
+++ b/src/main/java/com/huangge1199/picture/annotation/AuthCheck.java
@@ -0,0 +1,23 @@
+package com.huangge1199.picture.annotation;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * annotation
+ *
+ * @author huangge1199
+ * @since 2025/6/30 15:58:45
+ */
+@Target(ElementType.METHOD)
+@Retention(RetentionPolicy.RUNTIME)
+public @interface AuthCheck {
+
+ /**
+ * 必须有某个角色
+ */
+ String mustRole() default "";
+}
+
diff --git a/src/main/java/com/huangge1199/picture/aop/AuthInterceptor.java b/src/main/java/com/huangge1199/picture/aop/AuthInterceptor.java
new file mode 100644
index 0000000..cf700b6
--- /dev/null
+++ b/src/main/java/com/huangge1199/picture/aop/AuthInterceptor.java
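Review bot: The Javadoc on `mustRole()` in AuthCheck.java does not say what the default `""` means or which strings are valid, and the class comment is only the word `annotation`. AuthInterceptor in this same patch looks the value up with `UserRoleEnum.getEnumByValue` and skips the role comparison when nothing maps, so I would document the element as `/** Role value (as accepted by UserRoleEnum.getEnumByValue) the caller must hold; the empty default applies no role check. */`. The class comment should also state that the annotation is method-level only (`@Target(ElementType.METHOD)`), so it cannot cover a whole controller class and every protected handler needs its own annotation.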
@@ -0,0 +1,66 @@
+package com.huangge1199.picture.aop;
+
+import com.huangge1199.picture.annotation.AuthCheck;
+import com.huangge1199.picture.exception.ErrorCode;
+import com.huangge1199.picture.exception.MyException;
+import com.huangge1199.picture.model.entity.User;
+import com.huangge1199.picture.model.enums.UserRoleEnum;
+import com.huangge1199.picture.service.UserService;
+import org.aspectj.lang.ProceedingJoinPoint;
+import org.aspectj.lang.annotation.Around;
+import org.aspectj.lang.annotation.Aspect;
+import org.springframework.stereotype.Component;
+import org.springframework.web.context.request.RequestAttributes;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import javax.annotation.Resource;
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * AuthInterceptor
+ *
+ * @author huangge1199
+ * @since 2025/6/30 15:59:56
+ */
+@Aspect
+@Component
+public class AuthInterceptor {
+
+ @Resource
+ private UserService userService;
+
+ /**
+ * 执行拦截
+ *
+ * @param joinPoint 切入点
+ * @param authCheck 权限校验注解
+ */
+ @Around("@annotation(authCheck)")
+ public Object doInterceptor(ProceedingJoinPoint joinPoint, AuthCheck authCheck) throws Throwable {
+ String mustRole = authCheck.mustRole();
+ RequestAttributes requestAttributes = RequestContextHolder.currentRequestAttributes();
+ HttpServletRequest request = ((ServletRequestAttributes) requestAttributes).getRequest();
+ // 当前登录用户
+ User loginUser = userService.getLoginUser(request);
+ UserRoleEnum mustRoleEnum = UserRoleEnum.getEnumByValue(mustRole);
+ // 不需要权限,放行
+ if (mustRoleEnum == null) {
+ return joinPoint.proceed();
+ }
+ // 以下为:必须有该权限才通过
+ // 获取当前用户具有的权限
+ UserRoleEnum userRoleEnum = UserRoleEnum.getEnumByValue(loginUser.getUserRole());
+ // 没有权限,拒绝
+ if (userRoleEnum == null) {
+ throw new MyException(ErrorCode.NO_AUTH_ERROR);
+ }
+ // 要求必须有管理员权限,但用户没有管理员权限,拒绝
+ if (UserRoleEnum.ADMIN.equals(mustRoleEnum) &&
!UserRoleEnum.ADMIN.equals(userRoleEnum)) {
+ throw new MyException(ErrorCode.NO_AUTH_ERROR);
+ }
+ // 通过权限校验,放行
+ return joinPoint.proceed();
+ }
+}
+
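Review bot: The `if (mustRoleEnum == null)` branch in `doInterceptor` fails open: it is taken for the default empty `mustRole` and, assuming `UserRoleEnum.getEnumByValue` returns null for a string it does not recognise, also for a misspelled role, so a typo in `@AuthCheck(mustRole = ...)` would silently drop the check on that endpoint. Let only the empty value pass and reject anything unmapped: `if (mustRole.isEmpty()) { return joinPoint.proceed(); }` followed by `if (mustRoleEnum == null) { throw new MyException(ErrorCode.NO_AUTH_ERROR); }`. The final comparison also enforces only `UserRoleEnum.ADMIN`; any other role named in `mustRole` is satisfied by every user whose role maps to an enum constant, which needs either a general comparison or a comment stating that admin is the only role enforced.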