CeDo
2021-05-12 1b0e88e27fde9156e648eed464505f8052af63ed
bugfixed:token检查
1个文件已修改
96 ■■■■ 已修改文件
springcloud_k8s_panzhihuazhihuishequ/zuul/src/main/java/com/panzhihua/zuul/filters/AppletAuthenticationFilter.java
@@ -65,61 +65,63 @@
            // token解析
            Claims claims = JWTTokenUtil.getClaimsFromToken(token);
            String username = claims.getSubject();
            int type = (Integer) claims.get("type");
            if (1 == type) {//小程序用户统一角色
                String requestURI = request.getRequestURI();
                String requestMethod = request.getMethod().toLowerCase();
            if(claims!=null) {//检查token有效
                String username = claims.getSubject();
                int type = (Integer) claims.get("type");
                if (1 == type) {//小程序用户统一角色
                    String requestURI = request.getRequestURI();
                    String requestMethod = request.getMethod().toLowerCase();
                ServletContext context = request.getServletContext();
                ApplicationContext ctx = WebApplicationContextUtils.getWebApplicationContext(context);
                stringRedisTemplate = ctx.getBean(StringRedisTemplate.class);
                ValueOperations<String, String> valueOperations = stringRedisTemplate.opsForValue();
                String appletUserRoleKey = SecurityConstants.ROLE_APPLETS_USER + username;
                Boolean userHasRole = stringRedisTemplate.hasKey(appletUserRoleKey);
                    ServletContext context = request.getServletContext();
                    ApplicationContext ctx = WebApplicationContextUtils.getWebApplicationContext(context);
                    stringRedisTemplate = ctx.getBean(StringRedisTemplate.class);
                    ValueOperations<String, String> valueOperations = stringRedisTemplate.opsForValue();
                    String appletUserRoleKey = SecurityConstants.ROLE_APPLETS_USER + username;
                    Boolean userHasRole = stringRedisTemplate.hasKey(appletUserRoleKey);
                boolean needCheck = false;
                List<String> checkedUrl = realNamedConfig.getVerify();
                checkedUrl = checkedUrl!=null?checkedUrl:new ArrayList<>();
                for (int i = 0; i < checkedUrl.size(); i++) {
                    String url = checkedUrl.get(i);
                    if (url.toLowerCase().startsWith(requestMethod) && url.endsWith(requestURI)) {
                        needCheck = true;
                    } else {
                        continue;
                    }
                }
                if (needCheck) {
                    if (userHasRole) {
                        boolean userHashRight = false;
                        try {
                            String roles = valueOperations.get(appletUserRoleKey);
                            List<SimpleGrantedAuthority> authorities = JSONArray.parseArray(roles, SimpleGrantedAuthority.class);
                            if (authorities != null && authorities.size() > 0) {
                                AtomicBoolean userHasRightRole = new AtomicBoolean(false);
                                authorities.forEach(authority -> {
                                    if (authority.getAuthority().equals(SecurityConstants.ROLE_APPLETS_REAL_NAMED)) {
                                        userHasRightRole.set(true);
                                    }
                                });
                                if (userHasRightRole.get()) {
                                    //用户包含“已实名”角色,则放行 什么也不做
                                    userHashRight = true;
                                }
                            }
                        } catch (Exception e) {
                            userHashRight = false;
                    boolean needCheck = false;
                    List<String> checkedUrl = realNamedConfig.getVerify();
                    checkedUrl = checkedUrl != null ? checkedUrl : new ArrayList<>();
                    for (int i = 0; i < checkedUrl.size(); i++) {
                        String url = checkedUrl.get(i);
                        if (url.toLowerCase().startsWith(requestMethod) && url.endsWith(requestURI)) {
                            needCheck = true;
                        } else {
                            continue;
                        }
                    }
                    if (needCheck) {
                        if (userHasRole) {
                            boolean userHashRight = false;
                            try {
                                String roles = valueOperations.get(appletUserRoleKey);
                                List<SimpleGrantedAuthority> authorities = JSONArray.parseArray(roles, SimpleGrantedAuthority.class);
                                if (authorities != null && authorities.size() > 0) {
                                    AtomicBoolean userHasRightRole = new AtomicBoolean(false);
                                    authorities.forEach(authority -> {
                                        if (authority.getAuthority().equals(SecurityConstants.ROLE_APPLETS_REAL_NAMED)) {
                                            userHasRightRole.set(true);
                                        }
                                    });
                                    if (userHasRightRole.get()) {
                                        //用户包含“已实名”角色,则放行 什么也不做
                                        userHashRight = true;
                                    }
                                }
                            } catch (Exception e) {
                                userHashRight = false;
                            }
                        if (!userHashRight) {
                            if (!userHashRight) {
                                ResultUtil.responseJson(response, R.fail(HttpStatus.FORBIDDEN, "用户未实名"));
                                return;
                            }
                        } else {
                            ResultUtil.responseJson(response, R.fail(HttpStatus.FORBIDDEN, "用户未实名"));
                            return;
                        }
                    }else{
                        ResultUtil.responseJson(response, R.fail(HttpStatus.FORBIDDEN, "用户未实名"));
                        return;
                    }
                    }
                }
            }
        }
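Review bot: The new `if(claims!=null)` guard at the top of the hunk covers only a null Claims object, but the line right after it, `int type = (Integer) claims.get("type");`, still throws NullPointerException when the `type` claim is absent and ClassCastException when it is not an Integer, so a parseable-but-malformed token ends in an unhandled exception instead of a clean rejection unless a try/catch outside the hunk catches it (the enclosing method starts before the hunk, so I cannot see one). I would read the claim defensively: `Object rawType = claims.get("type"); if (!(rawType instanceof Integer)) { ResultUtil.responseJson(response, R.fail(HttpStatus.UNAUTHORIZED, "<invalid-token message>")); return; } int type = (Integer) rawType;`. The null-claims branch also has no else: when `claims` is null the filter falls through silently, so an invalid token is treated like a non-applet user rather than being rejected, and if downstream filters do not re-check the token an explicit UNAUTHORIZED response plus `return` belongs there too. Finally, `if (userHasRole)` unboxes the `Boolean` returned by `hasKey`, which Spring Data documents as possibly null inside a pipeline or transaction; `if (Boolean.TRUE.equals(userHasRole))` closes that second NPE path.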