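package com.panzhihua.zuul.filters;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.List;
import java.util.concurrent.TimeUnit;
import java.util.stream.Collectors;

import javax.annotation.Resource;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.data.redis.core.ValueOperations;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
import org.springframework.stereotype.Component;
import org.springframework.util.ObjectUtils;

import com.alibaba.fastjson.JSONArray;
import com.panzhihua.common.constants.SecurityConstants;
import com.panzhihua.common.model.vos.MenuVO;
import com.panzhihua.common.model.vos.R;
import com.panzhihua.common.service.user.UserService;

import lombok.extern.slf4j.Slf4j;

/**
 * Security metadata source for the Zuul gateway: maps a request URL to the roles required for it.
 *
 * <p>Two sources feed the result: the menu/role table (cached in Redis under
 * {@link SecurityConstants#ROLE_ALL}, loaded from {@link UserService} on a cache miss) and a
 * built-in rule that requires {@link SecurityConstants#ROLE_APPLETS} for {@code /api/applets/}
 * paths unless the path contains one of the exempt markers.
 *
 * @program: springcloud_k8s_panzhihuazhihuishequ
 * @description: permissions
 * @author: huang.hongfa weixin hhf9596 qq 959656820
 * @create: 2020-11-25 15:08
 **/
@Slf4j
@Component
public class SercuritFilter implements FilterInvocationSecurityMetadataSource {

    /** Prefix of the mini-program ("applets") API that requires ROLE_APPLETS by default. */
    private static final String APPLETS_PREFIX = "/api/applets/";

    /**
     * Substrings that exempt an applets path from the ROLE_APPLETS requirement.
     *
     * <p>These are substring matches, so every applets path containing one of them is exempt;
     * NOTE(review): an exact allow-list of paths would be narrower - confirm against the routes.
     */
    private static final List<String> APPLETS_EXEMPT_MARKERS = Arrays.asList(
        "docs",
        "login",
        "wxNotify",
        "cgi",
        "isShop",
        "refreshToken",
        "noToken",
        "useragreement",
        "listadvertisement"
        // Exemptions that are currently disabled:
        // "applets/workguide/pageworkguide"
        // "applets/workguide/detailworkguide"
        // "applets/partybuilding/pagedynamic"
        // "applets/partybuilding/infodynamic"
    );

    @Resource
    private StringRedisTemplate stringRedisTemplate;

    @Resource
    private UserService userService;

    // Dedicated logger for per-request access records.
    private final Logger newLogger = LoggerFactory.getLogger("requestLog");

    /**
     * Resolves the roles required for the URL of the current request.
     *
     * @param o the secured object; must be a {@link FilterInvocation}
     * @return the required config attributes; empty when no rule matches the URL
     * @throws IllegalArgumentException declared by the interface contract
     */
    @Override
    public Collection<ConfigAttribute> getAttributes(Object o) throws IllegalArgumentException {
        FilterInvocation invocation = (FilterInvocation) o;
        List<ConfigAttribute> configAttributes = new ArrayList<>();

        // getRequestUrl() includes the query string when the request has one.
        // NOTE(review): the full URL, query string included, is written to the logs below;
        // confirm no credentials or tokens are passed as query parameters.
        String requestUrl = invocation.getRequestUrl();
        log.info("接口请求地址【{}】", requestUrl);
        try {
            String remoteHost = invocation.getRequest().getRemoteHost();
            newLogger.info("IP:{},接口请求地址【{}】", remoteHost, requestUrl);
        } catch (Exception e) {
            // Access logging is best-effort and must not block the authorization decision.
            log.info("zuul 访问信息解析错误:【{}】", e.getMessage());
        }

        List<MenuVO> menuVOS = loadMenus();
        if (!ObjectUtils.isEmpty(menuVOS)) {
            // NOTE(review): this is an exact comparison against the URL including its query
            // string, so a request carrying query parameters does not match its menu entry and
            // receives no menu role from this step - confirm that is intended.
            // The comparison is written constant-first so a menu row with a null URL is skipped
            // instead of raising a NullPointerException.
            List<SecurityConfig> menuRoles = menuVOS.stream()
                .filter(menuVO -> requestUrl.equals(menuVO.getUrl()))
                .map(menuVO -> new SecurityConfig(menuVO.getRole()))
                .collect(Collectors.toList());
            configAttributes.addAll(menuRoles);
        }

        // Decide the applets rule on the path only: the query string is caller-controlled and
        // must not be able to switch the ROLE_APPLETS requirement off.
        String requestPath = stripQuery(requestUrl);
        if (requestPath.contains(APPLETS_PREFIX) && !isAppletsExempt(requestPath)) {
            configAttributes.add(new SecurityConfig(SecurityConstants.ROLE_APPLETS));
        }
        return configAttributes;
    }

    /**
     * Not supported by this implementation; {@code null} is returned for the attribute list.
     */
    @Override
    public Collection<ConfigAttribute> getAllConfigAttributes() {
        return null;
    }

    /**
     * Reports whether this source can handle the given secure-object class.
     *
     * <p>NOTE(review): this returns {@code false} for every class, including
     * {@link FilterInvocation}, which {@link #getAttributes(Object)} does handle - confirm how
     * the bean is wired into the security interceptor before relying on this value.
     */
    @Override
    public boolean supports(Class<?> aClass) {
        return false;
    }

    /**
     * Loads the menu/role table from the Redis cache, falling back to the user service and
     * refreshing the cache for 24 hours when the key is absent.
     *
     * <p>The cached JSON is trusted as authorization data: whoever can write the cache key
     * controls the URL-to-role mapping, so write access to that Redis instance should be
     * restricted accordingly.
     */
    private List<MenuVO> loadMenus() {
        ValueOperations<String, String> valueOperations = stringRedisTemplate.opsForValue();
        // hasKey returns a boxed Boolean that may be null; treat null as "not cached".
        if (Boolean.TRUE.equals(stringRedisTemplate.hasKey(SecurityConstants.ROLE_ALL))) {
            String roleAll = valueOperations.get(SecurityConstants.ROLE_ALL);
            return JSONArray.parseArray(roleAll, MenuVO.class);
        }
        R<List<MenuVO>> r = userService.getAllMenu();
        List<MenuVO> data = r.getData();
        if (ObjectUtils.isEmpty(data)) {
            return new ArrayList<>();
        }
        valueOperations.set(SecurityConstants.ROLE_ALL, JSONArray.toJSONString(data), 24, TimeUnit.HOURS);
        return data;
    }

    /** Returns the URL without its query string. */
    private static String stripQuery(String url) {
        int queryStart = url.indexOf('?');
        return queryStart >= 0 ? url.substring(0, queryStart) : url;
    }

    /** Returns true when the path contains any of the applets exemption markers. */
    private static boolean isAppletsExempt(String path) {
        return APPLETS_EXEMPT_MARKERS.stream().anyMatch(path::contains);
    }
}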