| ¶Ô±ÈÐÂÎļþ |
| | |
|---|
| | | /* |
|---|
| | | * Copyright (c) 2018-2028, Chill Zhuang All rights reserved. |
|---|
| | | * |
|---|
| | | * Redistribution and use in source and binary forms, with or without |
|---|
| | | * modification, are permitted provided that the following conditions are met: |
|---|
| | | * |
|---|
| | | * Redistributions of source code must retain the above copyright notice, |
|---|
| | | * this list of conditions and the following disclaimer. |
|---|
| | | * Redistributions in binary form must reproduce the above copyright |
|---|
| | | * notice, this list of conditions and the following disclaimer in the |
|---|
| | | * documentation and/or other materials provided with the distribution. |
|---|
| | | * Neither the name of the dreamlu.net developer nor the names of its |
|---|
| | | * contributors may be used to endorse or promote products derived from |
|---|
| | | * this software without specific prior written permission. |
|---|
| | | * Author: Chill åºéª (smallchill@163.com) |
|---|
| | | */ |
|---|
| | | package org.springblade.core.secure.handler; |
|---|
| | | |
|---|
| | | import lombok.AllArgsConstructor; |
|---|
| | | import org.springblade.core.cache.utils.CacheUtil; |
|---|
| | | import org.springblade.core.secure.BladeUser; |
|---|
| | | import org.springblade.core.secure.utils.AuthUtil; |
|---|
| | | import org.springblade.core.tool.utils.Func; |
|---|
| | | import org.springblade.core.tool.utils.StringPool; |
|---|
| | | import org.springblade.core.tool.utils.WebUtil; |
|---|
| | | import org.springframework.jdbc.core.JdbcTemplate; |
|---|
| | | |
|---|
| | | import javax.servlet.http.HttpServletRequest; |
|---|
| | | import java.util.ArrayList; |
|---|
| | | import java.util.Collections; |
|---|
| | | import java.util.List; |
|---|
| | | |
|---|
| | | import static org.springblade.core.cache.constant.CacheConstant.SYS_CACHE; |
|---|
| | | import static org.springblade.core.secure.constant.PermissionConstant.permissionAllStatement; |
|---|
| | | import static org.springblade.core.secure.constant.PermissionConstant.permissionStatement; |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * é»è®¤æææ ¡éªç±» |
|---|
| | | * |
|---|
| | | * @author Chill |
|---|
| | | */ |
|---|
| | | @AllArgsConstructor |
|---|
| | | public class BladePermissionHandler implements IPermissionHandler { |
|---|
| | | |
|---|
| | | private static final String SCOPE_CACHE_CODE = "apiScope:code:"; |
|---|
| | | |
|---|
| | | private final JdbcTemplate jdbcTemplate; |
|---|
| | | |
|---|
| | | @Override |
|---|
| | | public boolean permissionAll() { |
|---|
| | | HttpServletRequest request = WebUtil.getRequest(); |
|---|
| | | BladeUser user = AuthUtil.getUser(); |
|---|
| | | if (request == null || user == null) { |
|---|
| | | return false; |
|---|
| | | } |
|---|
| | | String uri = request.getRequestURI(); |
|---|
| | | List<String> paths = permissionPath(user.getRoleId()); |
|---|
| | | if (paths.size() == 0) { |
|---|
| | | return false; |
|---|
| | | } |
|---|
| | | return paths.stream().anyMatch(uri::contains); |
|---|
| | | } |
|---|
| | | |
|---|
| | | @Override |
|---|
| | | public boolean hasPermission(String permission) { |
|---|
| | | HttpServletRequest request = WebUtil.getRequest(); |
|---|
| | | BladeUser user = AuthUtil.getUser(); |
|---|
| | | if (request == null || user == null) { |
|---|
| | | return false; |
|---|
| | | } |
|---|
| | | List<String> codes = permissionCode(permission, user.getRoleId()); |
|---|
| | | return codes.size() != 0; |
|---|
| | | } |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * è·åæ¥å£æéå°å |
|---|
| | | * |
|---|
| | | * @param roleId è§è²id |
|---|
| | | * @return permissions |
|---|
| | | */ |
|---|
| | | private List<String> permissionPath(String roleId) { |
|---|
| | | List<String> permissions = CacheUtil.get(SYS_CACHE, SCOPE_CACHE_CODE, roleId, List.class, Boolean.FALSE); |
|---|
| | | if (permissions == null) { |
|---|
| | | List<Long> roleIds = Func.toLongList(roleId); |
|---|
| | | permissions = jdbcTemplate.queryForList(permissionAllStatement(roleIds.size()), roleIds.toArray(), String.class); |
|---|
| | | CacheUtil.put(SYS_CACHE, SCOPE_CACHE_CODE, roleId, permissions, Boolean.FALSE); |
|---|
| | | } |
|---|
| | | return permissions; |
|---|
| | | } |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * è·åæ¥å£æéä¿¡æ¯ |
|---|
| | | * |
|---|
| | | * @param permission æéç¼å· |
|---|
| | | * @param roleId è§è²id |
|---|
| | | * @return permissions |
|---|
| | | */ |
|---|
| | | private List<String> permissionCode(String permission, String roleId) { |
|---|
| | | List<String> permissions = CacheUtil.get(SYS_CACHE, SCOPE_CACHE_CODE, permission + StringPool.COLON + roleId, List.class, Boolean.FALSE); |
|---|
| | | if (permissions == null) { |
|---|
| | | List<Object> args = new ArrayList<>(Collections.singletonList(permission)); |
|---|
| | | List<Long> roleIds = Func.toLongList(roleId); |
|---|
| | | args.addAll(roleIds); |
|---|
| | | permissions = jdbcTemplate.queryForList(permissionStatement(roleIds.size()), args.toArray(), String.class); |
|---|
| | | CacheUtil.put(SYS_CACHE, SCOPE_CACHE_CODE, permission + StringPool.COLON + roleId, permissions, Boolean.FALSE); |
|---|
| | | } |
|---|
| | | return permissions; |
|---|
| | | } |
|---|
| | | |
|---|
| | | } |
|---|
