From 5dacdee9b54c78372b68140e2b068d03a620eab9 Mon Sep 17 00:00:00 2001
From: Pu Zhibing <393733352@qq.com>
Date: 星期三, 02 七月 2025 19:00:52 +0800
Subject: [PATCH] 修改bug

---
 ManagementQYTTravel/guns-admin/src/main/java/com/stylefeng/guns/core/beetl/ShiroExtUtil.java |  144 +++++++++++++++++++++++++++--------------------
 1 files changed, 82 insertions(+), 62 deletions(-)

diff --git a/ManagementQYTTravel/guns-admin/src/main/java/com/stylefeng/guns/core/beetl/ShiroExtUtil.java b/ManagementQYTTravel/guns-admin/src/main/java/com/stylefeng/guns/core/beetl/ShiroExtUtil.java
index 04cc4b8..bb560ab 100644
--- a/ManagementQYTTravel/guns-admin/src/main/java/com/stylefeng/guns/core/beetl/ShiroExtUtil.java
+++ b/ManagementQYTTravel/guns-admin/src/main/java/com/stylefeng/guns/core/beetl/ShiroExtUtil.java
@@ -15,73 +15,39 @@
  */
 package com.stylefeng.guns.core.beetl;
 
+import com.alibaba.fastjson.JSON;
 import com.stylefeng.guns.core.common.exception.BizExceptionEnum;
 import com.stylefeng.guns.core.exception.GunsException;
 import com.stylefeng.guns.core.shiro.ShiroUser;
+import com.stylefeng.guns.modular.system.warpper.LoginUser;
+import org.apache.commons.codec.binary.Base64;
 import org.apache.shiro.SecurityUtils;
 import org.apache.shiro.subject.Subject;
+import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.stereotype.Component;
 import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
 
-import java.util.HashMap;
+import javax.annotation.Resource;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
+import java.io.UnsupportedEncodingException;
 import java.util.List;
-import java.util.Map;
 
+@Component
 public class ShiroExtUtil {
-    private static final String NAMES_DELIMETER = ",";
+    private final String NAMES_DELIMETER = ",";
     
-    public static Map<String, ShiroUser> map = new HashMap<>();
-
-    /**
-     * 获取当前 Subject
-     *
-     * @return Subject
-     */
-    protected static Subject getSubject() {
-        return SecurityUtils.getSubject();
-    }
-
-    /**
-     * 获取封装的 ShiroUser
-     *
-     * @return ShiroUser
-     */
-    public static ShiroUser getUser() {
-        String sessionId = RequestContextHolder.currentRequestAttributes().getSessionId();
-        ShiroUser shiroUser = map.get(sessionId);
-        if(null == shiroUser){
-            throw new GunsException(BizExceptionEnum.TOKEN_ERROR);
-        }
-        return shiroUser;
-    }
-
-    /**
-     * 验证当前用户是否属于该角色?,使用时与lacksRole 搭配使用
-     *
-     * @param roleName 角色名
-     * @return 属于该角色:true,否则false
-     */
-    public boolean hasRole(String roleName) {
-        return getSubject() != null && roleName != null
-                && roleName.length() > 0 && getSubject().hasRole(roleName);
-    }
-
-    /**
-     * 与hasRole标签逻辑相反,当用户不属于该角色时验证通过。
-     *
-     * @param roleName 角色名
-     * @return 不属于该角色:true,否则false
-     */
-    public boolean lacksRole(String roleName) {
-        return !hasRole(roleName);
-    }
-
+    @Resource
+    private RedisTemplate<String, String> redisTemplate;
+    
     /**
      * 验证当前用户是否属于以下任意一个角色。
      *
      * @param roleNames 角色列表
      * @return 属于:true,否则false
      */
-    public static boolean hasAnyRoles(String roleNames) {
+    public boolean hasAnyRoles(String roleNames) {
         boolean hasAnyRole = false;
         ShiroUser user = getUser();
         if (user != null && roleNames != null && roleNames.length() > 0) {
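Review bot: The class now relies on field injection (`@Resource private RedisTemplate<String, String> redisTemplate`), so any instance not obtained from the Spring context has a null `redisTemplate` and will fail in `getUser()`. Call sites are outside this diff, but `getUser` and `hasAnyRoles` were `static` before and the class lives in the `beetl` package, so check for remaining `ShiroExtUtil.getUser()` callers and for any template-function registration that does `new ShiroExtUtil()`. Because `@Resource` resolves by field name first, also confirm that the bean named `redisTemplate` uses String serializers (or inject `StringRedisTemplate`), otherwise the value written at login and the one read here may not match. `NAMES_DELIMETER` lost `static` and became a per-instance field; it is a constant and should stay `private static final String NAMES_DELIMETER = ",";`. The body of `hasAnyRoles` continues outside the hunk.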
@@ -95,7 +61,62 @@
         }
         return hasAnyRole;
     }
-
+    
+    /**
+     * 获取封装的 ShiroUser
+     *
+     * @return ShiroUser
+     */
+    public ShiroUser getUser() {
+        ServletRequestAttributes attrs = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
+        if (attrs != null) {
+            HttpServletRequest request = attrs.getRequest();
+            HttpSession session = request.getSession();
+            String onconParam = edu.yale.its.tp.cas.client.Util.getOnconParam(session);
+            try {
+                onconParam = new String(Base64.decodeBase64(onconParam), "UTF-8");
+            } catch (UnsupportedEncodingException e) {
+                throw new RuntimeException(e);
+            }
+            LoginUser loginUser = JSON.parseObject(onconParam, LoginUser.class);
+            System.out.println("当前登录用户:" + JSON.toJSONString(loginUser));
+            String shiroUser = redisTemplate.opsForValue().get(loginUser.getOnconUUID());
+            System.out.println("当前登录用户缓存数据:" + shiroUser);
+            return JSON.parseObject(shiroUser, ShiroUser.class);
+        }
+        throw new GunsException(BizExceptionEnum.TOKEN_ERROR);
+    }
+    
+    /**
+     * 与hasRole标签逻辑相反,当用户不属于该角色时验证通过。
+     *
+     * @param roleName 角色名
+     * @return 不属于该角色:true,否则false
+     */
+    public boolean lacksRole(String roleName) {
+        return !hasRole(roleName);
+    }
+    
+    /**
+     * 验证当前用户是否属于该角色?,使用时与lacksRole 搭配使用
+     *
+     * @param roleName 角色名
+     * @return 属于该角色:true,否则false
+     */
+    public boolean hasRole(String roleName) {
+        return getSubject() != null && roleName != null
+                && roleName.length() > 0 && getSubject().hasRole(roleName);
+    }
+    
+    /**
+     * 获取当前 Subject
+     *
+     * @return Subject
+     */
+    protected Subject getSubject() {
+        return SecurityUtils.getSubject();
+    }
+    
     /**
      * 验证当前用户是否属于以下所有角色。
      *
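Review bot: `getUser()` no longer fails closed the way the removed version did: if `getOnconParam` returns null, if `JSON.parseObject` yields a null `LoginUser`, or if the Redis key has expired, the method can end in a NullPointerException or a `null` return instead of `GunsException(BizExceptionEnum.TOKEN_ERROR)`. Guard each step and throw `TOKEN_ERROR`, and use `getSession(false)` so an anonymous request does not get a new session created just for this lookup. The two `System.out.println` calls write the decoded login object and the full cached `ShiroUser` JSON to stdout on every role or permission check; drop them, or log only a user id at debug level through the project logger. The fence uses `StandardCharsets.UTF_8`, which needs `java.nio.charset.StandardCharsets` imported and leaves the `UnsupportedEncodingException` import unused.

```java
    public ShiroUser getUser() {
        ServletRequestAttributes attrs = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
        if (attrs == null) {
            throw new GunsException(BizExceptionEnum.TOKEN_ERROR);
        }
        // getSession(false): never create a session as a side effect of an authorisation check
        HttpSession session = attrs.getRequest().getSession(false);
        String onconParam = session == null ? null : edu.yale.its.tp.cas.client.Util.getOnconParam(session);
        if (onconParam == null || onconParam.isEmpty()) {
            throw new GunsException(BizExceptionEnum.TOKEN_ERROR);
        }
        String loginJson = new String(Base64.decodeBase64(onconParam), StandardCharsets.UTF_8);
        LoginUser loginUser = JSON.parseObject(loginJson, LoginUser.class);
        if (loginUser == null || loginUser.getOnconUUID() == null) {
            throw new GunsException(BizExceptionEnum.TOKEN_ERROR);
        }
        // A missing or expired cache entry means the login is no longer valid
        String cached = redisTemplate.opsForValue().get(loginUser.getOnconUUID());
        ShiroUser shiroUser = cached == null ? null : JSON.parseObject(cached, ShiroUser.class);
        if (shiroUser == null) {
            throw new GunsException(BizExceptionEnum.TOKEN_ERROR);
        }
        return shiroUser;
    }
```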
@@ -115,24 +136,24 @@
         }
         return hasAllRole;
     }
-
+    
     /**
      * 验证当前用户是否拥有指定权限,使用时与lacksPermission 搭配使用
      *
      * @param permission 权限名
      * @return 拥有权限:true,否则false
      */
-    public static boolean hasPermission(String permission) {
+    public boolean hasPermission(String permission) {
         ShiroUser user = getUser();
-        if(null == user){
+        if (null == user) {
             return false;
         }
-        if(user.isAdmin()){
+        if (user.isAdmin()) {
             return true;
         }
         return user.getMenuIds().contains(permission);
     }
-
+    
     /**
      * 与hasPermission标签逻辑相反,当前用户没有制定权限时,验证通过。
      *
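Review bot: The last line of `hasPermission`, `return user.getMenuIds().contains(permission);`, should tolerate a null list now that the `ShiroUser` is rebuilt from cached JSON on each call by `getUser()`. Whether `ShiroUser` initialises its menu list is not visible in this diff, so guard it: `return user.getMenuIds() != null && user.getMenuIds().contains(permission);`. The `user.isAdmin()` short-circuit is read from the same Redis value, so it is only as trustworthy as write access to that Redis instance and key. A comment above the check stating that assumption, e.g. `// admin flag comes from the Redis-cached ShiroUser; the cache must be writable only by the login flow`, would help the next reader.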
@@ -142,7 +163,7 @@
     public boolean lacksPermission(String permission) {
         return !hasPermission(permission);
     }
-
+    
     /**
      * 已认证通过的用户。不包含已记住的用户,这是与user标签的区别所在。与notAuthenticated搭配使用
      *
@@ -151,7 +172,7 @@
     public boolean authenticated() {
         return getSubject() != null && getSubject().isAuthenticated();
     }
-
+    
     /**
      * 未认证通过用户,与authenticated标签相对应。与guest标签的区别是,该标签包含已记住用户。。
      *
@@ -160,7 +181,7 @@
     public boolean notAuthenticated() {
         return !authenticated();
     }
-
+    
     /**
      * 认证通过或已记住的用户。与guset搭配使用。
      *
@@ -169,7 +190,7 @@
     public boolean isUser() {
         return getSubject() != null && getSubject().getPrincipal() != null;
     }
-
+    
     /**
      * 验证当前用户是否为“访客”,即未认证(包含未记住)的用户。用user搭配使用
      *
@@ -178,7 +199,7 @@
     public boolean isGuest() {
         return !isUser();
     }
-
+    
     /**
      * 输出当前用户信息,通常为登录帐号信息。
      *
@@ -191,7 +212,6 @@
         }
         return "";
     }
-    
     
     
 }

--
Gitblit v1.7.1