package com.panzhihua.zuul.filters;
|
|
import com.alibaba.fastjson.JSONArray;
|
import com.panzhihua.common.constants.SecurityConstants;
|
import com.panzhihua.common.constants.UserConstants;
|
import com.panzhihua.common.model.vos.MenuVO;
|
import com.panzhihua.common.model.vos.R;
|
import com.panzhihua.common.service.user.UserService;
|
|
import lombok.extern.slf4j.Slf4j;
|
|
import org.springframework.data.redis.core.StringRedisTemplate;
|
import org.springframework.data.redis.core.ValueOperations;
|
import org.springframework.security.access.ConfigAttribute;
|
import org.springframework.security.access.SecurityConfig;
|
import org.springframework.security.web.FilterInvocation;
|
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
|
import org.springframework.stereotype.Component;
|
import org.springframework.util.ObjectUtils;
|
|
import javax.annotation.Resource;
|
import java.util.ArrayList;
|
import java.util.Collection;
|
import java.util.List;
|
import java.util.concurrent.TimeUnit;
|
import java.util.stream.Collectors;
|
|
/**
|
* @program: springcloud_k8s_panzhihuazhihuishequ
|
* @description: 权限
|
* @author: huang.hongfa weixin hhf9596 qq 959656820
|
* @create: 2020-11-25 15:08
|
**/
|
@Slf4j
|
@Component
|
public class SercuritFilter implements FilterInvocationSecurityMetadataSource {
|
@Resource
|
private StringRedisTemplate stringRedisTemplate;
|
@Resource
|
private UserService userService;
|
|
/**
|
* 获取当前url对应的角色
|
* @param o 请求url
|
* @return 权限列表
|
* @throws IllegalArgumentException 异常
|
*/
|
@Override
|
public Collection<ConfigAttribute> getAttributes(Object o) throws IllegalArgumentException {
|
List<ConfigAttribute> configAttributes=new ArrayList<>();
|
String requestUrl = ((FilterInvocation) o).getRequestUrl();
|
log.info("接口请求地址【{}】",requestUrl);
|
Boolean aBoolean = stringRedisTemplate.hasKey(SecurityConstants.ROLE_ALL);
|
ValueOperations<String, String> valueOperations = stringRedisTemplate.opsForValue();
|
List<MenuVO> menuVOS=new ArrayList<>();
|
if (aBoolean) {
|
String roleAll = valueOperations.get(SecurityConstants.ROLE_ALL);
|
menuVOS= JSONArray.parseArray(roleAll,MenuVO.class);
|
}else{
|
R<List<MenuVO>> r = userService.getAllMenu();
|
List<MenuVO> data = (List<MenuVO>)r.getData();
|
if (!ObjectUtils.isEmpty(data)) {
|
menuVOS=data;
|
valueOperations.set(SecurityConstants.ROLE_ALL,JSONArray.toJSONString(data),24, TimeUnit.HOURS);
|
}
|
}
|
if (!ObjectUtils.isEmpty(menuVOS)) {
|
List<MenuVO> collect = menuVOS.stream().filter(menuVO -> menuVO.getUrl().equals(requestUrl)).collect(Collectors.toList());
|
if (!ObjectUtils.isEmpty(collect)) {
|
collect.forEach(menuVO -> {
|
configAttributes.add(new SecurityConfig(menuVO.getRole()));
|
});
|
}
|
}
|
boolean contains = requestUrl.contains("/api/applets/");
|
boolean docs = !requestUrl.contains("docs");
|
boolean login = !requestUrl.contains("login");
|
boolean wxNotify = !requestUrl.contains("wxNotify");
|
boolean refreshToken = !requestUrl.contains("refreshToken");
|
boolean useragreement = !requestUrl.contains("useragreement");
|
if (contains&&docs&&login&&refreshToken&&useragreement&&wxNotify) {
|
configAttributes.add(new SecurityConfig(SecurityConstants.ROLE_APPLETS));
|
}
|
return configAttributes;
|
}
|
|
@Override
|
public Collection<ConfigAttribute> getAllConfigAttributes() {
|
return null;
|
}
|
|
@Override
|
public boolean supports(Class<?> aClass) {
|
return false;
|
}
|
}
|
