From afbc6e46578c4f2c42cf213b354ab0a0b545fc07 Mon Sep 17 00:00:00 2001
From: 13693261870 <252740454@qq.com>
Date: 星期二, 11 七月 2023 09:43:57 +0800
Subject: [PATCH] 1
---
src/main/java/com/moon/server/mapper/all/PermsMapper.java | 3 ++-
src/main/resources/mapper/all/PermsMapper.xml | 4 ++--
src/main/java/com/moon/server/service/all/PermsService.java | 7 ++++---
src/main/java/com/moon/server/interceptor/ProxyFilter.java | 36 +++++++++++++++++++++++-------------
4 files changed, 31 insertions(+), 19 deletions(-)
diff --git a/src/main/java/com/moon/server/interceptor/ProxyFilter.java b/src/main/java/com/moon/server/interceptor/ProxyFilter.java
index 7f1fd45..1e729db 100644
--- a/src/main/java/com/moon/server/interceptor/ProxyFilter.java
+++ b/src/main/java/com/moon/server/interceptor/ProxyFilter.java
@@ -4,6 +4,7 @@
import com.moon.server.entity.all.HttpStatus;
import com.moon.server.entity.all.ResponseMsg;
import com.moon.server.entity.all.StaticData;
+import com.moon.server.entity.sys.ResEntity;
import com.moon.server.entity.sys.ResLogEntity;
import com.moon.server.entity.sys.TokenEntity;
import com.moon.server.entity.sys.UserEntity;
@@ -67,12 +68,19 @@
}
int resId = getResId(req.getRequestURI(), LEN + token.length() + 1);
- if (!check(req, res, ue, token, resId)) {
+ if (!check(req, res, ue, token)) {
+ return;
+ }
+
+ // 9.鑾峰彇璧勬簮瀹炰綋
+ ResEntity entity = getResEntity(ue, resId);
+ if (null == entity) {
+ WebHelper.writeStr2Page(res, ILLEGAL_RESOURCE);
return;
}
insertLog(req, ue, resId);
- String url = getSourceUrl(req, resId);
+ String url = getSourceUrl(req, entity);
proxy(req, res, url);
} catch (Exception ex) {
log.error(ex.getMessage(), ex);
@@ -116,7 +124,7 @@
/**
* 妫�鏌�
*/
- private boolean check(HttpServletRequest req, HttpServletResponse res, UserEntity ue, String token, int resId) {
+ private boolean check(HttpServletRequest req, HttpServletResponse res, UserEntity ue, String token) {
// 4.鑾峰彇IP
String ip = WebHelper.getIpAddress(req);
if (StringHelper.isEmpty(ip)) {
@@ -126,11 +134,6 @@
// 5.妫�鏌ラ粦鍚嶅崟
if (!checkBlackList(ip, req)) {
return WebHelper.writeStr2Page(res, AuthInterceptor.BLACK_LIST);
- }
-
- // 9.妫�鏌ヨ祫婧愭潈闄�
- if (!checkResPerms(ue, resId)) {
- return WebHelper.writeStr2Page(res, ILLEGAL_RESOURCE);
}
// 6.admin璺宠繃鏉冮檺妫�娴�
@@ -193,14 +196,21 @@
/**
* 妫�鏌ヨ祫婧愭潈闄�
*/
- private boolean checkResPerms(UserEntity ue, int resId) {
+ private ResEntity getResEntity(UserEntity ue, int resId) {
String uid = StaticData.ADMIN.equals(ue.getUid()) ? null : ue.getUid();
- List<Integer> rs = permsService.selectResList(uid);
+ List<ResEntity> rs = permsService.selectResList(uid);
if (null == rs || rs.isEmpty()) {
- return false;
+ return null;
}
- return rs.contains(resId);
+ // List<ResEntity> list = rs.stream().filter(resEntity -> resEntity.getId() == resId).collect(Collectors.toList());
+ for (ResEntity entity : rs) {
+ if (resId == entity.getId()) {
+ return entity;
+ }
+ }
+
+ return null;
}
/**
@@ -255,7 +265,7 @@
/**
* 鑾峰彇鍘熷Url
*/
- private String getSourceUrl(HttpServletRequest req, int resId) {
+ private String getSourceUrl(HttpServletRequest req, ResEntity entity) {
return "";
}
diff --git a/src/main/java/com/moon/server/mapper/all/PermsMapper.java b/src/main/java/com/moon/server/mapper/all/PermsMapper.java
index 8528302..b39da1a 100644
--- a/src/main/java/com/moon/server/mapper/all/PermsMapper.java
+++ b/src/main/java/com/moon/server/mapper/all/PermsMapper.java
@@ -4,6 +4,7 @@
import com.moon.server.entity.all.PermsAuthEntity;
import com.moon.server.entity.all.ResAuthEntity;
import com.moon.server.entity.sys.MenuEntity;
+import com.moon.server.entity.sys.ResEntity;
import org.apache.ibatis.annotations.Mapper;
import org.springframework.stereotype.Repository;
@@ -30,7 +31,7 @@
* @param uid
* @return
*/
- public List<Integer> selectResList(String uid);
+ public List<ResEntity> selectResList(String uid);
/**
* 鏍规嵁鐢ㄦ埛Uid鏌ヨ鑿滃崟鎺堟潈
diff --git a/src/main/java/com/moon/server/service/all/PermsService.java b/src/main/java/com/moon/server/service/all/PermsService.java
index c8f089b..035ae82 100644
--- a/src/main/java/com/moon/server/service/all/PermsService.java
+++ b/src/main/java/com/moon/server/service/all/PermsService.java
@@ -2,6 +2,7 @@
import com.moon.server.entity.all.*;
import com.moon.server.entity.sys.MenuEntity;
+import com.moon.server.entity.sys.ResEntity;
import com.moon.server.mapper.all.PermsMapper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
@@ -38,14 +39,14 @@
}
@Override
- public List<Integer> selectResList(String uid) {
+ public List<ResEntity> selectResList(String uid) {
String key = RedisCacheKey.permsResListKey(uid);
Object obj = redisService.get(key);
if (obj instanceof List<?>) {
- return (List<Integer>) obj;
+ return (List<ResEntity>) obj;
}
- List<Integer> list = permsMapper.selectResList(uid);
+ List<ResEntity> list = permsMapper.selectResList(uid);
if (list != null && list.size() > 0) {
redisService.put(key, list, SettingData.CACHE_EXPIRE, TimeUnit.MINUTES);
}
diff --git a/src/main/resources/mapper/all/PermsMapper.xml b/src/main/resources/mapper/all/PermsMapper.xml
index 5def3cf..b8fa3a6 100644
--- a/src/main/resources/mapper/all/PermsMapper.xml
+++ b/src/main/resources/mapper/all/PermsMapper.xml
@@ -15,8 +15,8 @@
order by d.id
</select>
- <select id="selectResList" resultType="java.lang.Integer">
- select distinct d.id
+ <select id="selectResList" resultType="com.moon.server.entity.sys.ResEntity">
+ select distinct d.*
from lf.sys_user a
inner join lf.sys_role_user b on a.id = b.userid
inner join lf.sys_role_res c on b.roleid = c.roleid
--
Gitblit v1.9.3