From 179c4d64313c9b7572778da4aaaf6c6584fe457d Mon Sep 17 00:00:00 2001
From: mitao <2763622819@qq.com>
Date: 星期二, 20 五月 2025 23:48:08 +0800
Subject: [PATCH] 修改文件上传类型限制

---
 springcloud_k8s_panzhihuazhihuishequ/zuul/src/main/java/com/panzhihua/zuul/manager/RoleAccessDecisionManager.java |   57 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 files changed, 57 insertions(+), 0 deletions(-)

diff --git a/springcloud_k8s_panzhihuazhihuishequ/zuul/src/main/java/com/panzhihua/zuul/manager/RoleAccessDecisionManager.java b/springcloud_k8s_panzhihuazhihuishequ/zuul/src/main/java/com/panzhihua/zuul/manager/RoleAccessDecisionManager.java
new file mode 100644
index 0000000..cce33f9
--- /dev/null
+++ b/springcloud_k8s_panzhihuazhihuishequ/zuul/src/main/java/com/panzhihua/zuul/manager/RoleAccessDecisionManager.java
@@ -0,0 +1,57 @@
+package com.panzhihua.zuul.manager;
+
+import java.util.Collection;
+
+import org.springframework.security.access.AccessDecisionManager;
+import org.springframework.security.access.AccessDeniedException;
+import org.springframework.security.access.ConfigAttribute;
+import org.springframework.security.authentication.InsufficientAuthenticationException;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.stereotype.Component;
+
+/**
+ * @program: springcloud_k8s_panzhihuazhihuishequ
+ * @description: 权限判断
+ * @author: huang.hongfa weixin hhf9596 qq 959656820
+ * @create: 2020-11-25 16:19
+ **/
+@Component
+public class RoleAccessDecisionManager implements AccessDecisionManager {
+    /**
+     * decide 方法是判定是否拥有权限的决策方法，
+     * 
+     * @param authentication
+     *            当前用户的信息
+     * @param o
+     *            包含客户端发起的请求的requset信息
+     * @param collection
+     *            当前路径对应的权限
+     * @throws AccessDeniedException
+     *             无权限
+     * @throws InsufficientAuthenticationException
+     */
+    @Override
+    public void decide(Authentication authentication, Object o, Collection<ConfigAttribute> collection)
+        throws AccessDeniedException, InsufficientAuthenticationException {
+        Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
+        for (GrantedAuthority authority : authorities) {
+            for (ConfigAttribute c : collection) {
+                if (c.getAttribute().equals(authority.getAuthority())) {
+                    return;
+                }
+            }
+        }
+        throw new AccessDeniedException("当前访问没有权限");
+    }
+
+    @Override
+    public boolean supports(ConfigAttribute configAttribute) {
+        return false;
+    }
+
+    @Override
+    public boolean supports(Class<?> aClass) {
+        return false;
+    }
+}

--
Gitblit v1.7.1