权限拦截
This commit is contained in:
parent
f37cfc0c7b
commit
16075acd60
@ -12,11 +12,11 @@ public enum AuthorizationClassEnum {
|
|||||||
|
|
||||||
ENGINE_VIEW("1", "发动机数据"),
|
ENGINE_VIEW("1", "发动机数据"),
|
||||||
ENGINE_EDIT("2", "发动机数据"),
|
ENGINE_EDIT("2", "发动机数据"),
|
||||||
ENGINE_APPROVAL("1", "发动机数据流程"),
|
ENGINE_APPROVAL("1", "发动机数据审批流程"),
|
||||||
|
|
||||||
REPORT_VIEW("1", "对标报告"),
|
REPORT_VIEW("1", "对标报告"),
|
||||||
REPORT_EDIT("2", "对标报告"),
|
REPORT_EDIT("2", "对标报告"),
|
||||||
REPORT_APPROVAL("1", "对标报告流程"),
|
REPORT_APPROVAL("1", "对标报告审批流程"),
|
||||||
|
|
||||||
BASIC_DATA_VIEW("1", "基础管理模块"),
|
BASIC_DATA_VIEW("1", "基础管理模块"),
|
||||||
BASIC_DATA_EDIT("2", "基础管理模块"),
|
BASIC_DATA_EDIT("2", "基础管理模块"),
|
||||||
|
|||||||
@ -35,7 +35,6 @@ public class AuthorizationInterceptor implements HandlerInterceptor {
|
|||||||
PATH_PERMISSION_MAP.put("/custom/parameter/maintenanceParameters", AuthorizationClassEnum.TEMPLATE_EDIT);
|
PATH_PERMISSION_MAP.put("/custom/parameter/maintenanceParameters", AuthorizationClassEnum.TEMPLATE_EDIT);
|
||||||
// 模板管理相关 - 对应审批管理权限
|
// 模板管理相关 - 对应审批管理权限
|
||||||
PATH_PERMISSION_MAP.put("/custom/approval/startApproval", AuthorizationClassEnum.TEMPLATE_EDIT);
|
PATH_PERMISSION_MAP.put("/custom/approval/startApproval", AuthorizationClassEnum.TEMPLATE_EDIT);
|
||||||
|
|
||||||
// 模板审批流程查看
|
// 模板审批流程查看
|
||||||
PATH_PERMISSION_MAP.put("/custom/approval/getApprovalList", AuthorizationClassEnum.TEMPLATE_APPROVAL);
|
PATH_PERMISSION_MAP.put("/custom/approval/getApprovalList", AuthorizationClassEnum.TEMPLATE_APPROVAL);
|
||||||
|
|
||||||
@ -47,12 +46,14 @@ public class AuthorizationInterceptor implements HandlerInterceptor {
|
|||||||
PATH_PERMISSION_MAP.put("/custom/engineParamDetailPojo/updateParamValue", AuthorizationClassEnum.ENGINE_EDIT);
|
PATH_PERMISSION_MAP.put("/custom/engineParamDetailPojo/updateParamValue", AuthorizationClassEnum.ENGINE_EDIT);
|
||||||
// 发动机数据相关 - 对应发动机数据权限
|
// 发动机数据相关 - 对应发动机数据权限
|
||||||
PATH_PERMISSION_MAP.put("/custom/activiti", AuthorizationClassEnum.ENGINE_EDIT);
|
PATH_PERMISSION_MAP.put("/custom/activiti", AuthorizationClassEnum.ENGINE_EDIT);
|
||||||
|
|
||||||
// 发动机审批流程查看
|
// 发动机审批流程查看
|
||||||
PATH_PERMISSION_MAP.put("/custom/activiti/showEngReview", AuthorizationClassEnum.ENGINE_APPROVAL);
|
PATH_PERMISSION_MAP.put("/custom/activiti/showEngReview", AuthorizationClassEnum.ENGINE_APPROVAL);
|
||||||
|
|
||||||
// 对标报告相关
|
// 对标报告相关
|
||||||
PATH_PERMISSION_MAP.put("/custom/benchmark", AuthorizationClassEnum.REPORT_EDIT);
|
PATH_PERMISSION_MAP.put("/custom/benchmark/insertReport", AuthorizationClassEnum.REPORT_EDIT);
|
||||||
|
PATH_PERMISSION_MAP.put("/custom/benchmark/startReportApproval", AuthorizationClassEnum.REPORT_EDIT);
|
||||||
|
PATH_PERMISSION_MAP.put("/custom/benchmark/getReportAndTodoByCondition", AuthorizationClassEnum.REPORT_VIEW);
|
||||||
|
PATH_PERMISSION_MAP.put("/custom/benchmark/getApprovalList", AuthorizationClassEnum.REPORT_APPROVAL);
|
||||||
|
|
||||||
// 基础管理模块相关
|
// 基础管理模块相关
|
||||||
PATH_PERMISSION_MAP.put("/custom/responsible/import", AuthorizationClassEnum.BASIC_DATA_EDIT);
|
PATH_PERMISSION_MAP.put("/custom/responsible/import", AuthorizationClassEnum.BASIC_DATA_EDIT);
|
||||||
@ -66,16 +67,16 @@ public class AuthorizationInterceptor implements HandlerInterceptor {
|
|||||||
|
|
||||||
@Override
|
@Override
|
||||||
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
|
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
|
||||||
// String servletPath = request.getServletPath();
|
String servletPath = request.getServletPath();
|
||||||
// String userId = runtimeAppContextService.getCurrentUserId();
|
String userId = runtimeAppContextService.getCurrentUserId();
|
||||||
// if (userId == null || userId.isEmpty()) {
|
if (userId == null || userId.isEmpty()) {
|
||||||
// throw new CommonException("用户未登录或登录已过期");
|
throw new CommonException("用户未登录或登录已过期");
|
||||||
// }
|
}
|
||||||
// AuthorizationClassEnum requiredPermission = findRequiredPermission(servletPath);
|
AuthorizationClassEnum requiredPermission = findRequiredPermission(servletPath);
|
||||||
// if (requiredPermission == null) {
|
if (requiredPermission == null) {
|
||||||
// return true;
|
return true;
|
||||||
// }
|
}
|
||||||
// authService.checkUserAuthorization(userId, requiredPermission);
|
authService.checkUserAuthorization(userId, requiredPermission);
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -2,9 +2,16 @@ package com.xdap.self_development.service;
|
|||||||
|
|
||||||
import com.xdap.self_development.domain.enums.AuthorizationClassEnum;
|
import com.xdap.self_development.domain.enums.AuthorizationClassEnum;
|
||||||
|
|
||||||
|
import java.util.List;
|
||||||
|
|
||||||
public interface AuthService {
|
public interface AuthService {
|
||||||
/**
|
/**
|
||||||
* 验证用户是否有操作权限
|
* 验证用户是否有操作权限
|
||||||
*/
|
*/
|
||||||
void checkUserAuthorization(String userId, AuthorizationClassEnum classEnum);
|
void checkUserAuthorization(String userId, AuthorizationClassEnum classEnum);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 验证用户是否有某个操作权限
|
||||||
|
*/
|
||||||
|
void checkUserHasPermission(String userId, String permission);
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,5 +1,6 @@
|
|||||||
package com.xdap.self_development.service.impl;
|
package com.xdap.self_development.service.impl;
|
||||||
|
|
||||||
|
import com.alibaba.excel.util.StringUtils;
|
||||||
import com.xdap.self_development.domain.enums.AuthorizationClassEnum;
|
import com.xdap.self_development.domain.enums.AuthorizationClassEnum;
|
||||||
import com.xdap.self_development.domain.view.MenuParamView;
|
import com.xdap.self_development.domain.view.MenuParamView;
|
||||||
import com.xdap.self_development.exception.CommonException;
|
import com.xdap.self_development.exception.CommonException;
|
||||||
@ -9,7 +10,6 @@ import org.springframework.beans.factory.annotation.Autowired;
|
|||||||
import org.springframework.stereotype.Service;
|
import org.springframework.stereotype.Service;
|
||||||
|
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Objects;
|
|
||||||
import java.util.stream.Collectors;
|
import java.util.stream.Collectors;
|
||||||
|
|
||||||
@Service
|
@Service
|
||||||
@ -29,12 +29,53 @@ public class AuthServiceImpl implements AuthService {
|
|||||||
}
|
}
|
||||||
// 过滤检查是否有相关权限
|
// 过滤检查是否有相关权限
|
||||||
List<MenuParamView> collected = menuParamViews.stream()
|
List<MenuParamView> collected = menuParamViews.stream()
|
||||||
.filter(menuParamView ->
|
.filter(view -> StringUtils.isNotBlank(view.getPermissionPath()))
|
||||||
Objects.equals(menuParamView.getPermissionPath(), classEnum.getPermissionPath())
|
.filter(view -> {
|
||||||
&& Objects.equals(menuParamView.getParameterPer(), classEnum.getPermissionPer()))
|
String permissionPath = view.getPermissionPath();
|
||||||
|
String[] pathSegments = permissionPath.split("/");
|
||||||
|
if (pathSegments.length == 0) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
String firstPath = pathSegments[0];
|
||||||
|
String viewPer = view.getParameterPer();
|
||||||
|
String requirePer = classEnum.getPermissionPer();
|
||||||
|
String requirePath = classEnum.getPermissionPath();
|
||||||
|
return firstPath.endsWith(requirePath)
|
||||||
|
&& viewPer.compareTo(requirePer) >= 0;
|
||||||
|
})
|
||||||
.collect(Collectors.toList());
|
.collect(Collectors.toList());
|
||||||
|
|
||||||
if (collected.isEmpty()) {
|
if (collected.isEmpty()) {
|
||||||
throw new CommonException("您没有" + classEnum.getPermissionPath() + "的操作权限");
|
throw new CommonException("您没有" + classEnum.getPermissionPath() + "的操作权限");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void checkUserHasPermission(String userId, String permission) {
|
||||||
|
List<MenuParamView> menuParamViews = modelRoleService.selectPersByUser(userId);
|
||||||
|
// 过滤检查是否为管理员
|
||||||
|
List<MenuParamView> isAdmin = menuParamViews.stream().filter(item ->
|
||||||
|
item.getIsAdmin() != null && item.getIsAdmin() == 1)
|
||||||
|
.collect(Collectors.toList());
|
||||||
|
if (!isAdmin.isEmpty()) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// 过滤检查是否有相关权限
|
||||||
|
List<MenuParamView> collected = menuParamViews.stream()
|
||||||
|
.filter(view -> StringUtils.isNotBlank(view.getPermissionPath()))
|
||||||
|
.filter(view -> {
|
||||||
|
String permissionPath = view.getPermissionPath();
|
||||||
|
String[] pathSegments = permissionPath.split("/");
|
||||||
|
if (pathSegments.length == 0) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
String firstPath = pathSegments[0];
|
||||||
|
return firstPath.endsWith(permission);
|
||||||
|
})
|
||||||
|
.collect(Collectors.toList());
|
||||||
|
|
||||||
|
if (collected.isEmpty()) {
|
||||||
|
throw new CommonException("您没有" + permission + "的操作权限");
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -16,6 +16,7 @@ import com.xdap.self_development.controller.request.DataEntryEngineModelExcel;
|
|||||||
import com.xdap.self_development.controller.request.DataEntryEngineModelPageRequest;
|
import com.xdap.self_development.controller.request.DataEntryEngineModelPageRequest;
|
||||||
import com.xdap.self_development.domain.dto.DataEntryEngineModelDto;
|
import com.xdap.self_development.domain.dto.DataEntryEngineModelDto;
|
||||||
import com.xdap.self_development.domain.dto.PageResultDTO;
|
import com.xdap.self_development.domain.dto.PageResultDTO;
|
||||||
|
import com.xdap.self_development.domain.enums.AuthorizationClassEnum;
|
||||||
import com.xdap.self_development.domain.enums.DistributeStatusEnum;
|
import com.xdap.self_development.domain.enums.DistributeStatusEnum;
|
||||||
import com.xdap.self_development.domain.enums.ParamValueVersionEnum;
|
import com.xdap.self_development.domain.enums.ParamValueVersionEnum;
|
||||||
import com.xdap.self_development.domain.pojo.*;
|
import com.xdap.self_development.domain.pojo.*;
|
||||||
@ -51,8 +52,8 @@ import java.util.stream.Collectors;
|
|||||||
@Slf4j
|
@Slf4j
|
||||||
@Service
|
@Service
|
||||||
public class DataEntryEngineModelServiceImpl implements DataEntryEngineModelService {
|
public class DataEntryEngineModelServiceImpl implements DataEntryEngineModelService {
|
||||||
|
@Resource
|
||||||
|
private AuthService authService;
|
||||||
@Resource
|
@Resource
|
||||||
private BusinessDatabase bd;
|
private BusinessDatabase bd;
|
||||||
@Resource
|
@Resource
|
||||||
@ -102,6 +103,13 @@ public class DataEntryEngineModelServiceImpl implements DataEntryEngineModelServ
|
|||||||
List<DataEntryEngineModelDto> dataEntryEngineModelDtos = new ArrayList<>();
|
List<DataEntryEngineModelDto> dataEntryEngineModelDtos = new ArrayList<>();
|
||||||
PageResultDTO<DataEntryEngineModelDto> tPageResultDTO = new PageResultDTO<>();
|
PageResultDTO<DataEntryEngineModelDto> tPageResultDTO = new PageResultDTO<>();
|
||||||
if (!Objects.isNull(request)) {
|
if (!Objects.isNull(request)) {
|
||||||
|
if (Objects.equals(request.getYcOrOth(), "玉柴")) {
|
||||||
|
authService.checkUserHasPermission(request.getLoginUserId(), "玉柴"+ AuthorizationClassEnum.ENGINE_VIEW.getPermissionPath());
|
||||||
|
} else if (Objects.equals(request.getYcOrOth(), "竞品")) {
|
||||||
|
authService.checkUserHasPermission(request.getLoginUserId(), "竞品"+ AuthorizationClassEnum.ENGINE_VIEW.getPermissionPath());
|
||||||
|
} else {
|
||||||
|
throw new CommonException("无效的查询条件");
|
||||||
|
}
|
||||||
page = request.getPage();
|
page = request.getPage();
|
||||||
size = request.getSize();
|
size = request.getSize();
|
||||||
String department = request.getDepartment();
|
String department = request.getDepartment();
|
||||||
@ -402,6 +410,11 @@ public class DataEntryEngineModelServiceImpl implements DataEntryEngineModelServ
|
|||||||
boolean othFlag = false;
|
boolean othFlag = false;
|
||||||
|
|
||||||
for (MenuParamView item : menuParamViews) {
|
for (MenuParamView item : menuParamViews) {
|
||||||
|
if (item.getIsAdmin() != null && item.getIsAdmin() == 1) {
|
||||||
|
othFlag = true;
|
||||||
|
ycFlag = true;
|
||||||
|
break;
|
||||||
|
}
|
||||||
if (item.getPermissionPath().startsWith("竞品发动机数据") && !item.getPermissionPath().equals("竞品发动机数据审批流程")) {
|
if (item.getPermissionPath().startsWith("竞品发动机数据") && !item.getPermissionPath().equals("竞品发动机数据审批流程")) {
|
||||||
othFlag = true;
|
othFlag = true;
|
||||||
continue;
|
continue;
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user