用户模块:用户权限控制
parent
43bcec3cc0
commit
b11350f61b
@ -0,0 +1,23 @@
|
|||||||
|
package com.huangge1199.picture.annotation;
|
||||||
|
|
||||||
|
import java.lang.annotation.ElementType;
|
||||||
|
import java.lang.annotation.Retention;
|
||||||
|
import java.lang.annotation.RetentionPolicy;
|
||||||
|
import java.lang.annotation.Target;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* annotation
|
||||||
|
*
|
||||||
|
* @author huangge1199
|
||||||
|
* @since 2025/6/30 15:58:45
|
||||||
|
*/
|
||||||
|
@Target(ElementType.METHOD)
|
||||||
|
@Retention(RetentionPolicy.RUNTIME)
|
||||||
|
public @interface AuthCheck {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 必须有某个角色
|
||||||
|
*/
|
||||||
|
String mustRole() default "";
|
||||||
|
}
|
||||||
|
|
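Review bot: The Javadoc on `AuthCheck` (just "annotation") and on `mustRole()` does not state the contract that `AuthInterceptor` in this commit enforces, so a reader cannot tell what the empty default means. I would document it on the member, e.g. `/** Role the caller must hold, given as a UserRoleEnum value; the empty default means no specific role is required. */`, and replace the class comment with one sentence saying the annotation marks methods whose callers are role-checked by `AuthInterceptor`. Because the member is a free-form `String`, the compiler does not catch a misspelled role, so the accepted values should be named in that comment.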
@ -0,0 +1,66 @@
|
|||||||
|
package com.huangge1199.picture.aop;
|
||||||
|
|
||||||
|
import com.huangge1199.picture.annotation.AuthCheck;
|
||||||
|
import com.huangge1199.picture.exception.ErrorCode;
|
||||||
|
import com.huangge1199.picture.exception.MyException;
|
||||||
|
import com.huangge1199.picture.model.entity.User;
|
||||||
|
import com.huangge1199.picture.model.enums.UserRoleEnum;
|
||||||
|
import com.huangge1199.picture.service.UserService;
|
||||||
|
import org.aspectj.lang.ProceedingJoinPoint;
|
||||||
|
import org.aspectj.lang.annotation.Around;
|
||||||
|
import org.aspectj.lang.annotation.Aspect;
|
||||||
|
import org.springframework.stereotype.Component;
|
||||||
|
import org.springframework.web.context.request.RequestAttributes;
|
||||||
|
import org.springframework.web.context.request.RequestContextHolder;
|
||||||
|
import org.springframework.web.context.request.ServletRequestAttributes;
|
||||||
|
|
||||||
|
import javax.annotation.Resource;
|
||||||
|
import javax.servlet.http.HttpServletRequest;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* AuthInterceptor
|
||||||
|
*
|
||||||
|
* @author huangge1199
|
||||||
|
* @since 2025/6/30 15:59:56
|
||||||
|
*/
|
||||||
|
@Aspect
|
||||||
|
@Component
|
||||||
|
public class AuthInterceptor {
|
||||||
|
|
||||||
|
@Resource
|
||||||
|
private UserService userService;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 执行拦截
|
||||||
|
*
|
||||||
|
* @param joinPoint 切入点
|
||||||
|
* @param authCheck 权限校验注解
|
||||||
|
*/
|
||||||
|
@Around("@annotation(authCheck)")
|
||||||
|
public Object doInterceptor(ProceedingJoinPoint joinPoint, AuthCheck authCheck) throws Throwable {
|
||||||
|
String mustRole = authCheck.mustRole();
|
||||||
|
RequestAttributes requestAttributes = RequestContextHolder.currentRequestAttributes();
|
||||||
|
HttpServletRequest request = ((ServletRequestAttributes) requestAttributes).getRequest();
|
||||||
|
// 当前登录用户
|
||||||
|
User loginUser = userService.getLoginUser(request);
|
||||||
|
UserRoleEnum mustRoleEnum = UserRoleEnum.getEnumByValue(mustRole);
|
||||||
|
// 不需要权限,放行
|
||||||
|
if (mustRoleEnum == null) {
|
||||||
|
return joinPoint.proceed();
|
||||||
|
}
|
||||||
|
// 以下为:必须有该权限才通过
|
||||||
|
// 获取当前用户具有的权限
|
||||||
|
UserRoleEnum userRoleEnum = UserRoleEnum.getEnumByValue(loginUser.getUserRole());
|
||||||
|
// 没有权限,拒绝
|
||||||
|
if (userRoleEnum == null) {
|
||||||
|
throw new MyException(ErrorCode.NO_AUTH_ERROR);
|
||||||
|
}
|
||||||
|
// 要求必须有管理员权限,但用户没有管理员权限,拒绝
|
||||||
|
if (UserRoleEnum.ADMIN.equals(mustRoleEnum) && !UserRoleEnum.ADMIN.equals(userRoleEnum)) {
|
||||||
|
throw new MyException(ErrorCode.NO_AUTH_ERROR);
|
||||||
|
}
|
||||||
|
// 通过权限校验,放行
|
||||||
|
return joinPoint.proceed();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
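Review bot: In `doInterceptor`, the `mustRoleEnum == null` branch treats an unrecognised `mustRole` the same as the empty default and calls `joinPoint.proceed()`. A misspelled role on an annotated method would therefore skip the role check entirely, assuming `UserRoleEnum.getEnumByValue` returns null for unknown values, which is not shown here. Fail closed by separating the two cases: put `if (mustRole.isEmpty()) { return joinPoint.proceed(); }` before the lookup, then change the null branch to `if (mustRoleEnum == null) { throw new MyException(ErrorCode.NO_AUTH_ERROR); }`. The last condition also enforces only `ADMIN`, so any other required role is satisfied by every user whose role is recognised. That deserves a comment now and a general comparison if more roles are added.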