• Home
• cn.acyou
• leo-framework-commons
• 1.1.1.RELEASE
• source code
• PermissionsAspect.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

cn.acyou.leo.framework.aspect.PermissionsAspect Maven / Gradle / Ivy

package cn.acyou.leo.framework.aspect;

import cn.acyou.leo.framework.annotation.authz.Logical;
import cn.acyou.leo.framework.annotation.authz.RequiresPermissions;
import cn.acyou.leo.framework.annotation.authz.RequiresRoles;
import cn.acyou.leo.framework.base.LoginUser;
import cn.acyou.leo.framework.context.AppContext;
import cn.acyou.leo.framework.exception.ServiceException;
import com.google.common.collect.Sets;
import lombok.extern.slf4j.Slf4j;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.reflect.MethodSignature;
import org.springframework.stereotype.Component;
import org.springframework.util.CollectionUtils;

import java.util.Set;

/**
 *
 * 权限校验切面
 *
 * use support {@link RequiresRoles} & {@link RequiresPermissions}
 *
 * @author fangyou
 * @version [1.0.0, 2021-09-27 15:28]
 */
@Slf4j
@Aspect
@Component
public class PermissionsAspect {

    @Around("@annotation(cn.acyou.leo.framework.annotation.authz.RequiresRoles) || @annotation(cn.acyou.leo.framework.annotation.authz.RequiresPermissions)")
    public Object around(ProceedingJoinPoint joinPoint) throws Throwable {
        MethodSignature methodSignature = (MethodSignature) joinPoint.getSignature();
        RequiresRoles requiresRoles = methodSignature.getMethod().getAnnotation(RequiresRoles.class);
        RequiresPermissions requiresPermissions = methodSignature.getMethod().getAnnotation(RequiresPermissions.class);
        //角色
        if (requiresRoles != null) {
            LoginUser loginUser = AppContext.getLoginUser();
            if (loginUser == null) {
                throw new ServiceException("未登录，请先登录！");
            }
            Set roleCodes = loginUser.getRoleCodes();
            Logical logical = requiresRoles.logical();
            String[] needRoles = requiresRoles.value();
            if (logical.equals(Logical.AND)) {
                boolean containsAll = roleCodes.containsAll(Sets.newHashSet(needRoles));
                if (!containsAll) {
                    throw new ServiceException("权限不足，请联系管理员！");
                }
            }
            if (logical.equals(Logical.OR)) {
                boolean containsAny = CollectionUtils.containsAny(roleCodes, Sets.newHashSet(needRoles));
                if (!containsAny) {
                    throw new ServiceException("权限不足，请联系管理员！");
                }
            }
        }
        //权限
        if (requiresPermissions != null) {
            LoginUser loginUser = AppContext.getLoginUser();
            if (loginUser == null) {
                throw new ServiceException("未登录，请先登录！");
            }
            Set permsList = loginUser.getPermsList();
            Logical logical = requiresPermissions.logical();
            String[] needPermissions = requiresPermissions.value();
            if (logical.equals(Logical.AND)) {
                boolean containsAll = permsList.containsAll(Sets.newHashSet(needPermissions));
                if (!containsAll) {
                    throw new ServiceException("权限不足，请联系管理员！");
                }
            }
            if (logical.equals(Logical.OR)) {
                boolean containsAny = CollectionUtils.containsAny(permsList, Sets.newHashSet(needPermissions));
                if (!containsAny) {
                    throw new ServiceException("权限不足，请联系管理员！");
                }
            }
        }
        return joinPoint.proceed();
    }
}