提交花城代码

mitao

2025-02-21 31573d6180d15ef65ed0df9c2732495f40b12663

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
package com.panzhihua.zuul.filters;
 
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import java.util.concurrent.TimeUnit;
import java.util.stream.Collectors;
 
import javax.annotation.Resource;
 
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.data.redis.core.ValueOperations;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
import org.springframework.stereotype.Component;
import org.springframework.util.ObjectUtils;
 
import com.alibaba.fastjson.JSONArray;
import com.panzhihua.common.constants.SecurityConstants;
import com.panzhihua.common.model.vos.MenuVO;
import com.panzhihua.common.model.vos.R;
import com.panzhihua.common.service.user.UserService;
 
import lombok.extern.slf4j.Slf4j;
 
/**
 * @program: springcloud_k8s_panzhihuazhihuishequ
 * @description: 权限
 * @author: huang.hongfa weixin hhf9596 qq 959656820
 * @create: 2020-11-25 15:08
 **/
@Slf4j
@Component
public class SercuritFilter implements FilterInvocationSecurityMetadataSource {
    @Resource
    private StringRedisTemplate stringRedisTemplate;
    @Resource
    private UserService userService;
    // 记录特定日志的声明
    private final Logger newLogger = LoggerFactory.getLogger("requestLog");
    /**
     * 获取当前url对应的角色
     * 
     * @param o
     *            请求url
     * @return 权限列表
     * @throws IllegalArgumentException
     *             异常
     */
    @Override
    public Collection<ConfigAttribute> getAttributes(Object o) throws IllegalArgumentException {
        List<ConfigAttribute> configAttributes = new ArrayList<>();
        String requestUrl = ((FilterInvocation)o).getRequestUrl();
        log.info("接口请求地址【{}】", requestUrl);
        try {
            String remoteHost = ((FilterInvocation)o).getRequest().getRemoteHost();
            newLogger.info("IP:{},接口请求地址【{}】", remoteHost, requestUrl);
        } catch (Exception e) {
            log.info("zuul 访问信息解析错误：【{}】", e.getMessage());
        }
        Boolean aBoolean = stringRedisTemplate.hasKey(SecurityConstants.ROLE_ALL);
        ValueOperations<String, String> valueOperations = stringRedisTemplate.opsForValue();
        List<MenuVO> menuVOS = new ArrayList<>();
        if (aBoolean) {
            String roleAll = valueOperations.get(SecurityConstants.ROLE_ALL);
            menuVOS = JSONArray.parseArray(roleAll, MenuVO.class);
        } else {
            R<List<MenuVO>> r = userService.getAllMenu();
            List<MenuVO> data = r.getData();
            if (!ObjectUtils.isEmpty(data)) {
                menuVOS = data;
                valueOperations.set(SecurityConstants.ROLE_ALL, JSONArray.toJSONString(data), 24, TimeUnit.HOURS);
            }
        }
        if (!ObjectUtils.isEmpty(menuVOS)) {
            List<MenuVO> collect =
                menuVOS.stream().filter(menuVO -> menuVO.getUrl().equals(requestUrl)).collect(Collectors.toList());
            if (!ObjectUtils.isEmpty(collect)) {
                collect.forEach(menuVO -> {
                    configAttributes.add(new SecurityConfig(menuVO.getRole()));
                });
            }
        }
        boolean contains = requestUrl.contains("/api/applets/");
        boolean docs = !requestUrl.contains("docs");
        boolean login = !requestUrl.contains("login");
        boolean wxNotify = !requestUrl.contains("wxNotify");
        boolean wxCgi = !requestUrl.contains("cgi");
        boolean isShop = !requestUrl.contains("isShop");
        boolean refreshToken = !requestUrl.contains("refreshToken");
        boolean noToken = !requestUrl.contains("noToken");
        boolean useragreement = !requestUrl.contains("useragreement");
        boolean listadvertisement = !requestUrl.contains("listadvertisement");
        // boolean pageworkguide = !requestUrl.contains("applets/workguide/pageworkguide");
        // boolean detailworkguide = !requestUrl.contains("applets/workguide/detailworkguide");
        // boolean pagedynamic = !requestUrl.contains("applets/partybuilding/pagedynamic");
        // boolean infodynamic = !requestUrl.contains("applets/partybuilding/infodynamic");
        if (contains && docs && login && refreshToken && useragreement && wxNotify && wxCgi && isShop
            && listadvertisement && noToken) {
            configAttributes.add(new SecurityConfig(SecurityConstants.ROLE_APPLETS));
        }
        return configAttributes;
    }
 
    @Override
    public Collection<ConfigAttribute> getAllConfigAttributes() {
        return null;
    }
 
    @Override
    public boolean supports(Class<?> aClass) {
        return false;
    }
}