From 140288288c1ba78b3577976e0f5919eb80cea078 Mon Sep 17 00:00:00 2001
From: 13693261870 <252740454@qq.com>
Date: 星期一, 10 七月 2023 15:34:15 +0800
Subject: [PATCH] 1

---
 src/main/java/com/moon/server/interceptor/ProxyFilter.java |   32 +++++++++++++++++++++++---------
 1 files changed, 23 insertions(+), 9 deletions(-)

diff --git a/src/main/java/com/moon/server/interceptor/ProxyFilter.java b/src/main/java/com/moon/server/interceptor/ProxyFilter.java
index e6e7164..9d28f17 100644
--- a/src/main/java/com/moon/server/interceptor/ProxyFilter.java
+++ b/src/main/java/com/moon/server/interceptor/ProxyFilter.java
@@ -1,6 +1,9 @@
 package com.moon.server.interceptor;
 
+import com.alibaba.fastjson.JSON;
+import com.moon.server.entity.all.HttpStatus;
 import com.moon.server.entity.all.ResAuthEntity;
+import com.moon.server.entity.all.ResponseMsg;
 import com.moon.server.entity.all.StaticData;
 import com.moon.server.entity.sys.TokenEntity;
 import com.moon.server.entity.sys.UserEntity;
@@ -35,6 +38,8 @@
 
     private final static int LEN = "/proxy/".length();
 
+    public static final String ILLEGAL_RESOURCE = JSON.toJSONString(new ResponseMsg<String>(HttpStatus.UNAUTHORIZED, "娌℃湁璧勬簮璁块棶鏉冮檺"));
+
     @Override
     public void init(FilterConfig filterConfig) {
     }
@@ -44,15 +49,13 @@
         HttpServletRequest req = (HttpServletRequest) request;
         HttpServletResponse res = (HttpServletResponse) response;
 
+        // 2.鑾峰彇浠ょ墝
         String token = getToken(req);
-        if (!check(req, res, token)) {
+        int resId = getResId(req.getRequestURI(), LEN + token.length() + 1);
+        if (!check(req, res, token, resId)) {
             return;
         }
 
-        String uri = req.getRequestURI();
-        int resId = getResId(uri, LEN + token.length() + 1);
-
-        //
         insertLog(req, res);
     }
 
@@ -80,7 +83,7 @@
     /**
      * 妫�鏌�
      */
-    private boolean check(HttpServletRequest req, HttpServletResponse res, String token) {
+    private boolean check(HttpServletRequest req, HttpServletResponse res, String token, int resId) {
         // 3.鑾峰彇鐢ㄦ埛
         UserEntity ue = sysService.tokenService.getUserByToken(token);
         if (ue == null) {
@@ -96,6 +99,11 @@
         // 5.妫�鏌ラ粦鍚嶅崟
         if (!checkBlackList(ip, req)) {
             return WebHelper.writeStr2Page(res, AuthInterceptor.BLACK_LIST);
+        }
+
+        // 9.妫�鏌ヨ祫婧愭潈闄�
+        if (!checkResPerms(ue, resId)) {
+            return WebHelper.writeStr2Page(res, ILLEGAL_RESOURCE);
         }
 
         // 6.admin璺宠繃鏉冮檺妫�娴�
@@ -155,11 +163,17 @@
         return te.getIp().equals(ip);
     }
 
-    private boolean checkPerms(UserEntity ue, int resId){
+    /**
+     * 妫�鏌ヨ祫婧愭潈闄�
+     */
+    private boolean checkResPerms(UserEntity ue, int resId) {
         String uid = StaticData.ADMIN.equals(ue.getUid()) ? null : ue.getUid();
-        List<ResAuthEntity> rs = permsService.selectRes(uid);
+        List<Integer> rs = permsService.selectResList(uid);
+        if (null == rs || rs.isEmpty()) {
+            return false;
+        }
 
-        return true;
+        return rs.contains(resId);
     }
 
     /**

--
Gitblit v1.9.3