• Home
• org.macrocloud
• kernel-secure
• 1.0.5-RELEASE
• source code
• PermissionHandler.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

org.macrocloud.kernel.security.handler.PermissionHandler Maven / Gradle / Ivy

package org.macrocloud.kernel.security.handler;

import lombok.AllArgsConstructor;

import org.macrocloud.kernel.auth.MacroUser;
import org.macrocloud.kernel.auth.utils.AuthUtil;
import org.macrocloud.kernel.cache.utils.CacheUtil;
import org.macrocloud.kernel.toolkit.utils.Func;
import org.macrocloud.kernel.toolkit.utils.StringPool;
import org.macrocloud.kernel.toolkit.utils.WebUtil;
import org.springframework.jdbc.core.JdbcTemplate;

import javax.servlet.http.HttpServletRequest;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;

import static org.macrocloud.kernel.cache.constant.CacheConstant.SYS_CACHE;
import static org.macrocloud.kernel.security.constant.PermissionConstant.permissionAllStatement;
import static org.macrocloud.kernel.security.constant.PermissionConstant.permissionStatement;

/**
 * 默认授权校验类
 *
 */
@AllArgsConstructor
public class PermissionHandler implements IPermissionHandler {

	private static final String SCOPE_CACHE_CODE = "apiScope:code:";

	private final JdbcTemplate jdbcTemplate;

	@Override
	public boolean permissionAll() {
		HttpServletRequest request = WebUtil.getRequest();
		MacroUser user = AuthUtil.getUser();
		if (request == null || user == null) {
			return false;
		}
		String uri = request.getRequestURI();
		List paths = permissionPath(user.getRoleId());
		if (paths.size() == 0) {
			return false;
		}
		return paths.stream().anyMatch(uri::contains);
	}

	@Override
	public boolean hasPermission(String permission) {
		HttpServletRequest request = WebUtil.getRequest();
		MacroUser user = AuthUtil.getUser();
		if (request == null || user == null) {
			return false;
		}
		List codes = permissionCode(permission, user.getRoleId());
		return codes.size() != 0;
	}

	/**
	 * 获取接口权限地址
	 *
	 * @param roleId 角色id
	 * @return permissions
	 */
	private List permissionPath(String roleId) {
		List permissions = CacheUtil.get(SYS_CACHE, SCOPE_CACHE_CODE, roleId, List.class, Boolean.FALSE);
		if (permissions == null) {
			List roleIds = Func.toLongList(roleId);
			permissions = jdbcTemplate.queryForList(permissionAllStatement(roleIds.size()), roleIds.toArray(), String.class);
			CacheUtil.put(SYS_CACHE, SCOPE_CACHE_CODE, roleId, permissions, Boolean.FALSE);
		}
		return permissions;
	}

	/**
	 * 获取接口权限信息
	 *
	 * @param permission 权限编号
	 * @param roleId     角色id
	 * @return permissions
	 */
	private List permissionCode(String permission, String roleId) {
		List permissions = CacheUtil.get(SYS_CACHE, SCOPE_CACHE_CODE, permission + StringPool.COLON + roleId, List.class, Boolean.FALSE);
		if (permissions == null) {
			List