package com.yutou.tools.AuthConfig;
import com.alibaba.fastjson.JSONArray;
import com.yutou.tools.mybatis.dao.PermissionDao;
import com.yutou.tools.mybatis.dao.UKeyDao;
import com.yutou.tools.mybatis.model.Permission;
import com.yutou.tools.mybatis.model.PermissionExample;
import com.yutou.tools.mybatis.model.UKey;
import com.yutou.tools.mybatis.model.UKeyExample;
import com.yutou.tools.utils.RedisTools;
import com.yutou.tools.utils.Tools;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.AccessDecisionManager;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.authentication.InsufficientAuthenticationException;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.FilterInvocation;
import org.springframework.stereotype.Component;
import java.util.Collection;
import java.util.List;
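@Component
public class RoleAccessDecisionManager implements AccessDecisionManager {

    /** Redis value marking a share entry as revoked; any other existing value grants access. */
    private static final String SHARE_REVOKED = "-999";
    /** Power entry that grants a key access to every URL (wildcard). */
    private static final String POWER_ALL = "-1";
    /** Literal URI prefix that is always permitted without a token. */
    private static final String PUBLIC_PREFIX = "/public/";

    private final UKeyDao keyDao;
    private final PermissionDao permissionDao;

    @Autowired
    public RoleAccessDecisionManager(UKeyDao keyDao, PermissionDao permissionDao) {
        this.keyDao = keyDao;
        this.permissionDao = permissionDao;
    }

    /**
     * Authorizes one web request. Checks run in this order and the first hit decides:
     * <ol>
     *   <li>two login endpoints and anything under {@code /public/} are always allowed;</li>
     *   <li>an admin session ({@code Tools.isAdminLogin()}) is allowed everywhere;</li>
     *   <li>a {@code share} request parameter naming a Redis key whose value is not
     *       {@code "-999"} is allowed everywhere;</li>
     *   <li>otherwise a {@code token} request parameter must match a {@code UKey} row whose
     *       {@code power} list contains either {@code "-1"} or the id of the first
     *       {@code Permission} row whose {@code url} equals the request's parent path.</li>
     * </ol>
     * Everything else is denied with {@link AccessDeniedException}.
     *
     * @param authentication current token; set to authenticated when access is granted by share or key
     * @param o              the secured object, expected to be a {@link FilterInvocation}
     * @param collection     config attributes (unused; this manager decides purely from the request)
     * @throws AccessDeniedException when none of the checks above grants access
     */
    @Override
    public void decide(Authentication authentication, Object o, Collection<ConfigAttribute> collection)
            throws AccessDeniedException, InsufficientAuthenticationException {
        // supports(Class) answers true for everything, so guard the cast rather than
        // letting a ClassCastException escape as a server error.
        if (!(o instanceof FilterInvocation)) {
            throw denied();
        }
        FilterInvocation invocation = (FilterInvocation) o;
        // NOTE(review): getRequestURI() is the raw URI including the context path and is
        // matched literally below, so the allow-list only lines up when the app is deployed
        // at the root context; path normalisation (../, ;params) is left to the container
        // and Spring Security's HttpFirewall — confirm that a strict firewall is active.
        String url = invocation.getHttpRequest().getRequestURI();
        String token = invocation.getHttpRequest().getParameter("token");
        String musicShare = invocation.getHttpRequest().getParameter("share");

        if (isAlwaysAllowed(url)) {
            return;
        }
        if (Tools.isAdminLogin()) {
            return; // admin session: unrestricted
        }
        if (isValidShare(musicShare)) {
            // NOTE(review): mutating the caller's token is unusual for a decision manager; for an
            // anonymous token this is a no-op and some token types reject setAuthenticated(true).
            authentication.setAuthenticated(true);
            return;
        }
        if (token == null) {
            throw denied();
        }
        String parent = parentPath(url);
        if (parent == null) {
            throw denied(); // no path segment to strip (e.g. "/") — nothing to look up
        }

        // NOTE(review): the token travels as a query parameter, so it lands in access logs
        // and Referer headers; a header would be the safer transport.
        UKeyExample example = new UKeyExample();
        example.createCriteria().andKeyEqualTo(token);
        List<UKey> keys = keyDao.selectByExample(example);
        if (keys.isEmpty()) {
            throw denied();
        }
        List<String> powers = powersOf(keys.get(0));
        if (powers.contains(POWER_ALL)) {
            return;
        }

        PermissionExample pExample = new PermissionExample();
        pExample.createCriteria().andUrlEqualTo(parent);
        List<Permission> permissions = permissionDao.selectByExample(pExample);
        // Default deny: an unknown parent path has no permission id a key could hold.
        // Only the first Permission row for the path is consulted, as before.
        if (permissions.isEmpty()
                || !powers.contains(String.valueOf(permissions.get(0).getId()))) {
            throw denied();
        }
        authentication.setAuthenticated(true);
    }

    /** True for the login endpoints and for any URI under {@code /public/}. */
    private static boolean isAlwaysAllowed(String url) {
        switch (url) {
            case "/login/sendCaptcha.do":
            case "/login/check.do":
                return true;
            default:
                return url.startsWith(PUBLIC_PREFIX);
        }
    }

    /**
     * A share is valid when the {@code share} parameter names an existing Redis key whose value
     * is not the revoked marker. SECURITY NOTE(review): the parameter is used verbatim as the
     * Redis key, so any key present in Redis grants access to every non-public URL; this is only
     * safe if the Redis key space holds nothing but share entries — confirm, or prefix the lookup.
     * A missing parameter never consults Redis.
     */
    private static boolean isValidShare(String share) {
        if (share == null) {
            return false;
        }
        String value = RedisTools.get(share);
        return value != null && !SHARE_REVOKED.equals(value);
    }

    /**
     * Returns the URI with its last non-empty segment removed, keeping the trailing slash
     * ({@code /music/list.do} -> {@code /music/}); this is the form compared against
     * {@code Permission.url}. Returns {@code null} when there is no segment to strip.
     * <p>
     * The previous implementation split the URI on its last segment used as a <em>regex</em>,
     * which threw on segments containing regex metacharacters and cut at the first
     * occurrence of the segment (so {@code /api/user/user} became {@code /api/}).
     */
    private static String parentPath(String uri) {
        int end = uri.length();
        while (end > 0 && uri.charAt(end - 1) == '/') {
            end--; // ignore trailing slashes, like the old split-based version did
        }
        int cut = uri.lastIndexOf('/', end - 1);
        return cut < 0 ? null : uri.substring(0, cut + 1);
    }

    /** Parses a key's JSON power list; a missing list yields no powers instead of an NPE. */
    private static List<String> powersOf(UKey key) {
        String raw = key.getPower();
        JSONArray powers = raw == null ? null : JSONArray.parseArray(raw);
        if (powers == null) {
            powers = new JSONArray();
        }
        return powers.toJavaList(String.class);
    }

    /** Builds the denial exception after logging the refusal (message text unchanged). */
    private static AccessDeniedException denied() {
        System.out.println("无权限跳转");
        return new AccessDeniedException("/");
    }

    /** This manager inspects the request itself, so every config attribute is acceptable. */
    @Override
    public boolean supports(ConfigAttribute configAttribute) {
        return true;
    }

    /** Claims every secured-object type; {@link #decide} guards the FilterInvocation cast. */
    @Override
    public boolean supports(Class<?> aClass) {
        return true;
    }
}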