From a1f4d8745f3d523f10a3bf5dfcaa45d9712e1a1b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=BC=A0=E5=98=89=E8=B1=AA?= <15615273395@163.com> Date: Fri, 3 Apr 2026 20:54:34 +0800 Subject: [PATCH] =?UTF-8?q?=E6=9D=83=E9=99=90=E7=AE=A1=E7=90=86=E4=BF=AE?= =?UTF-8?q?=E6=AD=A3?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../intercept/AuthorizationInterceptor.java | 116 +++++++++++++++++- 1 file changed, 113 insertions(+), 3 deletions(-) diff --git a/src/main/java/com/xdap/self_development/intercept/AuthorizationInterceptor.java b/src/main/java/com/xdap/self_development/intercept/AuthorizationInterceptor.java index 341d779..b8edb80 100644 --- a/src/main/java/com/xdap/self_development/intercept/AuthorizationInterceptor.java +++ b/src/main/java/com/xdap/self_development/intercept/AuthorizationInterceptor.java @@ -1,22 +1,132 @@ package com.xdap.self_development.intercept; +import com.xdap.runtime.service.RuntimeAppContextService; +import com.xdap.self_development.domain.enums.AuthorizationClassEnum; +import com.xdap.self_development.exception.CommonException; +import com.xdap.self_development.service.AuthService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; +import org.springframework.web.method.HandlerMethod; import org.springframework.web.servlet.HandlerInterceptor; -import javax.security.auth.message.config.AuthConfig; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import java.util.HashMap; +import java.util.Map; @Component public class AuthorizationInterceptor implements HandlerInterceptor { @Autowired - private AuthConfig authConfig; + private AuthService authService; + + @Autowired + private RuntimeAppContextService runtimeAppContextService; + + // 请求路径与权限枚举的映射关系 + private static final Map PATH_PERMISSION_MAP = new HashMap<>(); + + static { + // 模板管理相关 - 对应参数模板管理权限 + PATH_PERMISSION_MAP.put("/custom/template", AuthorizationClassEnum.TEMPLATE_EDIT); + PATH_PERMISSION_MAP.put("/custom/parameter", AuthorizationClassEnum.TEMPLATE_EDIT); + PATH_PERMISSION_MAP.put("/custom/commonParameter", AuthorizationClassEnum.TEMPLATE_EDIT); + PATH_PERMISSION_MAP.put("/custom/chartCommonParameter", AuthorizationClassEnum.TEMPLATE_EDIT); + PATH_PERMISSION_MAP.put("/custom/analysisCommonParameter", AuthorizationClassEnum.TEMPLATE_EDIT); + + // 玉柴发动机数据相关 + PATH_PERMISSION_MAP.put("/custom/dataEntry", AuthorizationClassEnum.YC_ENGINE_EDIT); + PATH_PERMISSION_MAP.put("/custom/engineParamDetail", AuthorizationClassEnum.YC_ENGINE_EDIT); + PATH_PERMISSION_MAP.put("/custom/dataEntryEngineModel", AuthorizationClassEnum.YC_ENGINE_EDIT); + + // 竞品发动机数据相关 + PATH_PERMISSION_MAP.put("/custom/tcDataQuery", AuthorizationClassEnum.OTH_ENGINE_EDIT); + + // 对标报告相关 + PATH_PERMISSION_MAP.put("/custom/benchmark", AuthorizationClassEnum.REPORT_EDIT); + + // 基础管理模块相关 + PATH_PERMISSION_MAP.put("/custom/activiti", AuthorizationClassEnum.BASIC_DATA_EDIT); + PATH_PERMISSION_MAP.put("/custom/responsiblePerson", AuthorizationClassEnum.BASIC_DATA_EDIT); + PATH_PERMISSION_MAP.put("/custom/filledPerson", AuthorizationClassEnum.BASIC_DATA_EDIT); + PATH_PERMISSION_MAP.put("/custom/deptResponsible", AuthorizationClassEnum.BASIC_DATA_EDIT); + PATH_PERMISSION_MAP.put("/custom/todoTask", AuthorizationClassEnum.BASIC_DATA_EDIT); + PATH_PERMISSION_MAP.put("/custom/ycTaskResult", AuthorizationClassEnum.BASIC_DATA_EDIT); + + // 权限管理相关 + PATH_PERMISSION_MAP.put("/custom/permission", AuthorizationClassEnum.AUTH_EDIT); + PATH_PERMISSION_MAP.put("/custom/role", AuthorizationClassEnum.AUTH_EDIT); + PATH_PERMISSION_MAP.put("/custom/userRole", AuthorizationClassEnum.AUTH_EDIT); + } @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { + // 如果不是方法调用,直接放行 + if (!(handler instanceof HandlerMethod)) { + return true; + } + // 获取请求路径 + String servletPath = request.getServletPath(); + + // 获取当前用户 ID + String userId = getCurrentUserId(); + + // 如果无法获取用户 ID,说明未登录或 token 无效,抛出异常 + if (userId == null || userId.isEmpty()) { + throw new CommonException("用户未登录或登录已过期"); + } + + // 根据路径查找对应的权限 + AuthorizationClassEnum requiredPermission = findRequiredPermission(servletPath); + + // 如果没有找到匹配的权限配置,可以选择放行或拒绝(这里选择放行,避免影响未配置的接口) + if (requiredPermission == null) { + // 可以记录日志用于后续完善权限配置 + return true; + } + + // 调用 authService 进行权限验证 + authService.checkUserAuthorization(userId, requiredPermission); + return true; } -} \ No newline at end of file + + /** + * 获取当前用户 ID + */ + private String getCurrentUserId() { + try { + return runtimeAppContextService.getCurrentUserId(); + } catch (Exception e) { + return null; + } + } + + /** + * 根据请求路径查找所需的权限 + * 支持精确匹配和前缀匹配 + */ + private AuthorizationClassEnum findRequiredPermission(String path) { + // 1. 首先尝试精确匹配 + if (PATH_PERMISSION_MAP.containsKey(path)) { + return PATH_PERMISSION_MAP.get(path); + } + + // 2. 尝试前缀匹配(处理 /custom/template/xxx 这种情况) + for (Map.Entry entry : PATH_PERMISSION_MAP.entrySet()) { + String prefix = entry.getKey(); + if (path.startsWith(prefix + "/") || path.equals(prefix)) { + return entry.getValue(); + } + } + + // 3. 特殊路径处理:去掉末尾的斜杠后再匹配 + if (path.endsWith("/")) { + String normalizedPath = path.substring(0, path.length() - 1); + return findRequiredPermission(normalizedPath); + } + + return null; + } +}