package com.jilongda.applet.security;

import com.jilongda.common.basic.ApiResult;
import com.jilongda.common.swagger.GlobalResultEnum;
import com.jilongda.common.utils.ResponseUtils;
import lombok.extern.slf4j.Slf4j;
import org.springframework.http.MediaType;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.stereotype.Component;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * 认证过的用户访问没有权限资源的处理
 *
 * @author xiaochen
 * @date
 */

@Component
@Slf4j
public class SecurityAccessDeniedHandler implements AccessDeniedHandler {
    @Override
    public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) {
        log.info(request.getRequestURL() + "没有权限");
        response.setCharacterEncoding("utf-8");
        response.setContentType(MediaType.APPLICATION_JSON_VALUE);
        ResponseUtils.renderJson(response, ApiResult.status(GlobalResultEnum.FORBIDDEN));
    }
}