52 lines
1.8 KiB
Java
52 lines
1.8 KiB
Java
package com.common.aspect;
|
|
|
|
import com.common.annotation.Auth;
|
|
import com.common.constant.AccessRole;
|
|
import com.common.vo.BackendUserVO;
|
|
import com.rbac.service.AuthService;
|
|
import org.aspectj.lang.JoinPoint;
|
|
import org.aspectj.lang.annotation.Aspect;
|
|
import org.aspectj.lang.annotation.Before;
|
|
import org.aspectj.lang.annotation.Pointcut;
|
|
import org.aspectj.lang.reflect.MethodSignature;
|
|
import org.springframework.stereotype.Component;
|
|
import org.springframework.web.context.request.RequestContextHolder;
|
|
import org.springframework.web.context.request.ServletRequestAttributes;
|
|
|
|
import javax.annotation.Resource;
|
|
import javax.servlet.http.HttpServletRequest;
|
|
import java.lang.reflect.Method;
|
|
|
|
@Aspect
|
|
@Component
|
|
public class AuthAspect {
|
|
|
|
@Resource
|
|
AuthService authService;
|
|
|
|
@Pointcut("@annotation(com.common.annotation.Auth)")
|
|
private void pointcut() {
|
|
}
|
|
|
|
// 前置通知
|
|
@Before("pointcut()")
|
|
public void beforeCall(JoinPoint joinPoint) {
|
|
ServletRequestAttributes requestAttributes = (ServletRequestAttributes) RequestContextHolder.currentRequestAttributes();
|
|
HttpServletRequest request = requestAttributes.getRequest();
|
|
BackendUserVO backendUser = (BackendUserVO) request.getAttribute("backendUser");
|
|
// 获取注解中的参数值
|
|
MethodSignature methodSignature = (MethodSignature) joinPoint.getSignature();
|
|
Method method = methodSignature.getMethod();
|
|
// 获取注解
|
|
Auth annotation = method.getAnnotation(Auth.class);
|
|
// 获取注解参数的值
|
|
AccessRole role = annotation.role();
|
|
// 验证帐号的合法性
|
|
authService.checkUserStatus(backendUser, role);
|
|
String callUrl = request.getRequestURI();
|
|
// 校验权限
|
|
//authService.checkUserPermission(backendUser, callUrl);
|
|
}
|
|
|
|
}
|