From d8255edf84d4bb935178f5c739ea588b1721f02a Mon Sep 17 00:00:00 2001
From: RuoYi <yzz_ivy@163.com>
Date: Wed, 01 Nov 2023 16:02:53 +0800
Subject: [PATCH] 新增编程式判断资源访问权限
---
ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/PermissionService.java | 38 ++++++++++++++------------------------
1 files changed, 14 insertions(+), 24 deletions(-)
diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/PermissionService.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/PermissionService.java
index 2b7ad7e..6892467 100644
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/PermissionService.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/PermissionService.java
@@ -1,13 +1,14 @@
package com.ruoyi.framework.web.service;
import java.util.Set;
-import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.util.CollectionUtils;
+import com.ruoyi.common.constant.Constants;
import com.ruoyi.common.core.domain.entity.SysRole;
import com.ruoyi.common.core.domain.model.LoginUser;
-import com.ruoyi.common.utils.ServletUtils;
+import com.ruoyi.common.utils.SecurityUtils;
import com.ruoyi.common.utils.StringUtils;
+import com.ruoyi.framework.security.context.PermissionContextHolder;
/**
* RuoYi首创 自定义权限实现,ss取自SpringSecurity首字母
@@ -17,19 +18,6 @@
@Service("ss")
public class PermissionService
{
- /** 所有权限标识 */
- private static final String ALL_PERMISSION = "*:*:*";
-
- /** 管理员角色权限标识 */
- private static final String SUPER_ADMIN = "admin";
-
- private static final String ROLE_DELIMETER = ",";
-
- private static final String PERMISSION_DELIMETER = ",";
-
- @Autowired
- private TokenService tokenService;
-
/**
* 验证用户是否具备某权限
*
@@ -42,11 +30,12 @@
{
return false;
}
- LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
+ LoginUser loginUser = SecurityUtils.getLoginUser();
if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getPermissions()))
{
return false;
}
+ PermissionContextHolder.setContext(permission);
return hasPermissions(loginUser.getPermissions(), permission);
}
@@ -64,7 +53,7 @@
/**
* 验证用户是否具有以下任意一个权限
*
- * @param permissions 以 PERMISSION_NAMES_DELIMETER 为分隔符的权限列表
+ * @param permissions 以 PERMISSION_DELIMETER 为分隔符的权限列表
* @return 用户是否具有以下任意一个权限
*/
public boolean hasAnyPermi(String permissions)
@@ -73,13 +62,14 @@
{
return false;
}
- LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
+ LoginUser loginUser = SecurityUtils.getLoginUser();
if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getPermissions()))
{
return false;
}
+ PermissionContextHolder.setContext(permissions);
Set<String> authorities = loginUser.getPermissions();
- for (String permission : permissions.split(PERMISSION_DELIMETER))
+ for (String permission : permissions.split(Constants.PERMISSION_DELIMETER))
{
if (permission != null && hasPermissions(authorities, permission))
{
@@ -101,7 +91,7 @@
{
return false;
}
- LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
+ LoginUser loginUser = SecurityUtils.getLoginUser();
if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getUser().getRoles()))
{
return false;
@@ -109,7 +99,7 @@
for (SysRole sysRole : loginUser.getUser().getRoles())
{
String roleKey = sysRole.getRoleKey();
- if (SUPER_ADMIN.contains(roleKey) || roleKey.contains(StringUtils.trim(role)))
+ if (Constants.SUPER_ADMIN.equals(roleKey) || roleKey.equals(StringUtils.trim(role)))
{
return true;
}
@@ -140,12 +130,12 @@
{
return false;
}
- LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
+ LoginUser loginUser = SecurityUtils.getLoginUser();
if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getUser().getRoles()))
{
return false;
}
- for (String role : roles.split(ROLE_DELIMETER))
+ for (String role : roles.split(Constants.ROLE_DELIMETER))
{
if (hasRole(role))
{
@@ -164,6 +154,6 @@
*/
private boolean hasPermissions(Set<String> permissions, String permission)
{
- return permissions.contains(ALL_PERMISSION) || permissions.contains(StringUtils.trim(permission));
+ return permissions.contains(Constants.ALL_PERMISSION) || permissions.contains(StringUtils.trim(permission));
}
}
--
Gitblit v1.9.2