权限拦截
This commit is contained in:
parent
f37cfc0c7b
commit
16075acd60
@ -12,11 +12,11 @@ public enum AuthorizationClassEnum {
|
||||
|
||||
ENGINE_VIEW("1", "发动机数据"),
|
||||
ENGINE_EDIT("2", "发动机数据"),
|
||||
ENGINE_APPROVAL("1", "发动机数据流程"),
|
||||
ENGINE_APPROVAL("1", "发动机数据审批流程"),
|
||||
|
||||
REPORT_VIEW("1", "对标报告"),
|
||||
REPORT_EDIT("2", "对标报告"),
|
||||
REPORT_APPROVAL("1", "对标报告流程"),
|
||||
REPORT_APPROVAL("1", "对标报告审批流程"),
|
||||
|
||||
BASIC_DATA_VIEW("1", "基础管理模块"),
|
||||
BASIC_DATA_EDIT("2", "基础管理模块"),
|
||||
|
||||
@ -35,7 +35,6 @@ public class AuthorizationInterceptor implements HandlerInterceptor {
|
||||
PATH_PERMISSION_MAP.put("/custom/parameter/maintenanceParameters", AuthorizationClassEnum.TEMPLATE_EDIT);
|
||||
// 模板管理相关 - 对应审批管理权限
|
||||
PATH_PERMISSION_MAP.put("/custom/approval/startApproval", AuthorizationClassEnum.TEMPLATE_EDIT);
|
||||
|
||||
// 模板审批流程查看
|
||||
PATH_PERMISSION_MAP.put("/custom/approval/getApprovalList", AuthorizationClassEnum.TEMPLATE_APPROVAL);
|
||||
|
||||
@ -47,13 +46,15 @@ public class AuthorizationInterceptor implements HandlerInterceptor {
|
||||
PATH_PERMISSION_MAP.put("/custom/engineParamDetailPojo/updateParamValue", AuthorizationClassEnum.ENGINE_EDIT);
|
||||
// 发动机数据相关 - 对应发动机数据权限
|
||||
PATH_PERMISSION_MAP.put("/custom/activiti", AuthorizationClassEnum.ENGINE_EDIT);
|
||||
|
||||
// 发动机审批流程查看
|
||||
PATH_PERMISSION_MAP.put("/custom/activiti/showEngReview", AuthorizationClassEnum.ENGINE_APPROVAL);
|
||||
|
||||
// 对标报告相关
|
||||
PATH_PERMISSION_MAP.put("/custom/benchmark", AuthorizationClassEnum.REPORT_EDIT);
|
||||
|
||||
PATH_PERMISSION_MAP.put("/custom/benchmark/insertReport", AuthorizationClassEnum.REPORT_EDIT);
|
||||
PATH_PERMISSION_MAP.put("/custom/benchmark/startReportApproval", AuthorizationClassEnum.REPORT_EDIT);
|
||||
PATH_PERMISSION_MAP.put("/custom/benchmark/getReportAndTodoByCondition", AuthorizationClassEnum.REPORT_VIEW);
|
||||
PATH_PERMISSION_MAP.put("/custom/benchmark/getApprovalList", AuthorizationClassEnum.REPORT_APPROVAL);
|
||||
|
||||
// 基础管理模块相关
|
||||
PATH_PERMISSION_MAP.put("/custom/responsible/import", AuthorizationClassEnum.BASIC_DATA_EDIT);
|
||||
PATH_PERMISSION_MAP.put("/custom/responsible/saveResponsiblePerson", AuthorizationClassEnum.BASIC_DATA_EDIT);
|
||||
@ -66,16 +67,16 @@ public class AuthorizationInterceptor implements HandlerInterceptor {
|
||||
|
||||
@Override
|
||||
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
|
||||
// String servletPath = request.getServletPath();
|
||||
// String userId = runtimeAppContextService.getCurrentUserId();
|
||||
// if (userId == null || userId.isEmpty()) {
|
||||
// throw new CommonException("用户未登录或登录已过期");
|
||||
// }
|
||||
// AuthorizationClassEnum requiredPermission = findRequiredPermission(servletPath);
|
||||
// if (requiredPermission == null) {
|
||||
// return true;
|
||||
// }
|
||||
// authService.checkUserAuthorization(userId, requiredPermission);
|
||||
String servletPath = request.getServletPath();
|
||||
String userId = runtimeAppContextService.getCurrentUserId();
|
||||
if (userId == null || userId.isEmpty()) {
|
||||
throw new CommonException("用户未登录或登录已过期");
|
||||
}
|
||||
AuthorizationClassEnum requiredPermission = findRequiredPermission(servletPath);
|
||||
if (requiredPermission == null) {
|
||||
return true;
|
||||
}
|
||||
authService.checkUserAuthorization(userId, requiredPermission);
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
@ -2,9 +2,16 @@ package com.xdap.self_development.service;
|
||||
|
||||
import com.xdap.self_development.domain.enums.AuthorizationClassEnum;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
public interface AuthService {
|
||||
/**
|
||||
* 验证用户是否有操作权限
|
||||
*/
|
||||
void checkUserAuthorization(String userId, AuthorizationClassEnum classEnum);
|
||||
|
||||
/**
|
||||
* 验证用户是否有某个操作权限
|
||||
*/
|
||||
void checkUserHasPermission(String userId, String permission);
|
||||
}
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
package com.xdap.self_development.service.impl;
|
||||
|
||||
import com.alibaba.excel.util.StringUtils;
|
||||
import com.xdap.self_development.domain.enums.AuthorizationClassEnum;
|
||||
import com.xdap.self_development.domain.view.MenuParamView;
|
||||
import com.xdap.self_development.exception.CommonException;
|
||||
@ -9,7 +10,6 @@ import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Objects;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
@Service
|
||||
@ -29,12 +29,53 @@ public class AuthServiceImpl implements AuthService {
|
||||
}
|
||||
// 过滤检查是否有相关权限
|
||||
List<MenuParamView> collected = menuParamViews.stream()
|
||||
.filter(menuParamView ->
|
||||
Objects.equals(menuParamView.getPermissionPath(), classEnum.getPermissionPath())
|
||||
&& Objects.equals(menuParamView.getParameterPer(), classEnum.getPermissionPer()))
|
||||
.filter(view -> StringUtils.isNotBlank(view.getPermissionPath()))
|
||||
.filter(view -> {
|
||||
String permissionPath = view.getPermissionPath();
|
||||
String[] pathSegments = permissionPath.split("/");
|
||||
if (pathSegments.length == 0) {
|
||||
return false;
|
||||
}
|
||||
String firstPath = pathSegments[0];
|
||||
String viewPer = view.getParameterPer();
|
||||
String requirePer = classEnum.getPermissionPer();
|
||||
String requirePath = classEnum.getPermissionPath();
|
||||
return firstPath.endsWith(requirePath)
|
||||
&& viewPer.compareTo(requirePer) >= 0;
|
||||
})
|
||||
.collect(Collectors.toList());
|
||||
|
||||
if (collected.isEmpty()) {
|
||||
throw new CommonException("您没有" + classEnum.getPermissionPath() + "的操作权限");
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public void checkUserHasPermission(String userId, String permission) {
|
||||
List<MenuParamView> menuParamViews = modelRoleService.selectPersByUser(userId);
|
||||
// 过滤检查是否为管理员
|
||||
List<MenuParamView> isAdmin = menuParamViews.stream().filter(item ->
|
||||
item.getIsAdmin() != null && item.getIsAdmin() == 1)
|
||||
.collect(Collectors.toList());
|
||||
if (!isAdmin.isEmpty()) {
|
||||
return;
|
||||
}
|
||||
// 过滤检查是否有相关权限
|
||||
List<MenuParamView> collected = menuParamViews.stream()
|
||||
.filter(view -> StringUtils.isNotBlank(view.getPermissionPath()))
|
||||
.filter(view -> {
|
||||
String permissionPath = view.getPermissionPath();
|
||||
String[] pathSegments = permissionPath.split("/");
|
||||
if (pathSegments.length == 0) {
|
||||
return false;
|
||||
}
|
||||
String firstPath = pathSegments[0];
|
||||
return firstPath.endsWith(permission);
|
||||
})
|
||||
.collect(Collectors.toList());
|
||||
|
||||
if (collected.isEmpty()) {
|
||||
throw new CommonException("您没有" + permission + "的操作权限");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -16,6 +16,7 @@ import com.xdap.self_development.controller.request.DataEntryEngineModelExcel;
|
||||
import com.xdap.self_development.controller.request.DataEntryEngineModelPageRequest;
|
||||
import com.xdap.self_development.domain.dto.DataEntryEngineModelDto;
|
||||
import com.xdap.self_development.domain.dto.PageResultDTO;
|
||||
import com.xdap.self_development.domain.enums.AuthorizationClassEnum;
|
||||
import com.xdap.self_development.domain.enums.DistributeStatusEnum;
|
||||
import com.xdap.self_development.domain.enums.ParamValueVersionEnum;
|
||||
import com.xdap.self_development.domain.pojo.*;
|
||||
@ -51,8 +52,8 @@ import java.util.stream.Collectors;
|
||||
@Slf4j
|
||||
@Service
|
||||
public class DataEntryEngineModelServiceImpl implements DataEntryEngineModelService {
|
||||
|
||||
|
||||
@Resource
|
||||
private AuthService authService;
|
||||
@Resource
|
||||
private BusinessDatabase bd;
|
||||
@Resource
|
||||
@ -102,6 +103,13 @@ public class DataEntryEngineModelServiceImpl implements DataEntryEngineModelServ
|
||||
List<DataEntryEngineModelDto> dataEntryEngineModelDtos = new ArrayList<>();
|
||||
PageResultDTO<DataEntryEngineModelDto> tPageResultDTO = new PageResultDTO<>();
|
||||
if (!Objects.isNull(request)) {
|
||||
if (Objects.equals(request.getYcOrOth(), "玉柴")) {
|
||||
authService.checkUserHasPermission(request.getLoginUserId(), "玉柴"+ AuthorizationClassEnum.ENGINE_VIEW.getPermissionPath());
|
||||
} else if (Objects.equals(request.getYcOrOth(), "竞品")) {
|
||||
authService.checkUserHasPermission(request.getLoginUserId(), "竞品"+ AuthorizationClassEnum.ENGINE_VIEW.getPermissionPath());
|
||||
} else {
|
||||
throw new CommonException("无效的查询条件");
|
||||
}
|
||||
page = request.getPage();
|
||||
size = request.getSize();
|
||||
String department = request.getDepartment();
|
||||
@ -402,6 +410,11 @@ public class DataEntryEngineModelServiceImpl implements DataEntryEngineModelServ
|
||||
boolean othFlag = false;
|
||||
|
||||
for (MenuParamView item : menuParamViews) {
|
||||
if (item.getIsAdmin() != null && item.getIsAdmin() == 1) {
|
||||
othFlag = true;
|
||||
ycFlag = true;
|
||||
break;
|
||||
}
|
||||
if (item.getPermissionPath().startsWith("竞品发动机数据") && !item.getPermissionPath().equals("竞品发动机数据审批流程")) {
|
||||
othFlag = true;
|
||||
continue;
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user