Strona główna Odkrywaj Pomoc
Zaloguj się
iot
/
hsweb-framework
4
0
Forkuj 0
Pliki Problemy 0 Oczekujące zmiany 0 Wiki
Przeglądaj źródła

修改异常命名

zhouhao 7 lat temu
rodzic
d7f84f399b
commit
4c6108550a
4 zmienionych plików z 16 dodań i 12 usunięć
Widok podzielony Pokaż statystyki zmian
  1. 0 1
      hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/aop/AopAuthorizingController.java
  2. 6 6
      hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/handler/DefaultAuthorizingHandler.java
  3. 3 3
      hsweb-starter/hsweb-spring-boot-starter/src/main/java/org/hswebframework/web/starter/RestControllerExceptionTranslator.java
  4. 7 2
      hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-simple/src/main/java/org/hswebframework/web/service/authorization/simple/SimpleAuthorizationSettingService.java

+ 0 - 1
hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/aop/AopAuthorizingController.java
Wyświetl plik 

@@ -6,7 +6,6 @@ import org.hswebframework.web.authorization.Authentication;
 
 import org.hswebframework.web.authorization.define.AuthorizingContext;
 
 import org.hswebframework.web.authorization.basic.handler.AuthorizingHandler;
 
 import org.hswebframework.web.authorization.define.AuthorizeDefinition;
 
-import org.hswebframework.web.authorization.exception.AuthorizationException;
 
 import org.hswebframework.web.authorization.exception.UnAuthorizedException;
 
 import org.hswebframework.web.boost.aop.context.MethodInterceptorHolder;
 
 import org.hswebframework.web.boost.aop.context.MethodInterceptorParamContext;

+ 6 - 6
hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/handler/DefaultAuthorizingHandler.java
Wyświetl plik 

@@ -11,7 +11,7 @@ import org.hswebframework.web.authorization.access.DataAccessController;
 
 import org.hswebframework.web.authorization.annotation.Logical;
 
 import org.hswebframework.web.authorization.define.AuthorizeDefinition;
 
 import org.hswebframework.web.authorization.define.AuthorizingContext;
 
-import org.hswebframework.web.authorization.exception.AuthorizationException;
 
+import org.hswebframework.web.authorization.exception.AccessDenyException;
 
 import org.hswebframework.web.boost.aop.context.MethodInterceptorParamContext;
 
 import org.slf4j.Logger;
 
 import org.slf4j.LoggerFactory;
 
@@ -80,7 +80,7 @@ public class DefaultAuthorizingHandler implements AuthorizingHandler {
 
         //调用控制器进行验证
 
         boolean isAccess = function.apply(access -> finalAccessController.doAccess(access, context));
 
         if (!isAccess) {
 
-            throw new AuthorizationException(context.getDefinition().getMessage());
 
+            throw new AccessDenyException(context.getDefinition().getMessage());
 
         }
 
 
     }
 
@@ -91,21 +91,21 @@ public class DefaultAuthorizingHandler implements AuthorizingHandler {
 
 
             DynamicScriptEngine engine = DynamicScriptEngineFactory.getEngine(definition.getScript().getLanguage());
 
             if (null == engine) {
 
-                throw new AuthorizationException("{unknown_engine}:" + definition.getScript().getLanguage());
 
+                throw new AccessDenyException("{unknown_engine}:" + definition.getScript().getLanguage());
 
             }
 
             if (!engine.compiled(scriptId)) {
 
                 try {
 
                     engine.compile(scriptId, definition.getScript().getScript());
 
                 } catch (Exception e) {
 
                     logger.error("express compile error", e);
 
-                    throw new AuthorizationException("{expression_error}");
 
+                    throw new AccessDenyException("{expression_error}");
 
                 }
 
             }
 
             Map<String, Object> var = new HashMap<>(paramContext.getParams());
 
             var.put("auth", authentication);
 
             Object success = engine.execute(scriptId, var).get();
 
             if (!(success instanceof Boolean) || !((Boolean) success)) {
 
-                throw new AuthorizationException(definition.getMessage());
 
+                throw new AccessDenyException(definition.getMessage());
 
             }
 
         }
 
     }
 
@@ -171,7 +171,7 @@ public class DefaultAuthorizingHandler implements AuthorizingHandler {
 
             access = func.apply(authentication.getUser().getUsername()::equals);
 
         }
 
         if (!access) {
 
-            throw new AuthorizationException(definition.getMessage());
 
+            throw new AccessDenyException(definition.getMessage());
 
         }
 
     }
 
 }

+ 3 - 3
hsweb-starter/hsweb-spring-boot-starter/src/main/java/org/hswebframework/web/starter/RestControllerExceptionTranslator.java
Wyświetl plik 

@@ -20,7 +20,7 @@ package org.hswebframework.web.starter;
 
 import com.alibaba.fastjson.JSONException;
 
 import org.hswebframework.web.BusinessException;
 
 import org.hswebframework.web.NotFoundException;
 
-import org.hswebframework.web.authorization.exception.AuthorizationException;
 
+import org.hswebframework.web.authorization.exception.AccessDenyException;
 
 import org.hswebframework.web.authorization.exception.UnAuthorizedException;
 
 import org.hswebframework.web.controller.message.ResponseMessage;
 
 import org.hswebframework.web.validate.SimpleValidateResults;
 
@@ -83,10 +83,10 @@ public class RestControllerExceptionTranslator {
 
         return ResponseMessage.error(401, exception.getMessage());
 
     }
 
 
-    @ExceptionHandler(AuthorizationException.class)
 
+    @ExceptionHandler(AccessDenyException.class)
 
     @ResponseStatus(HttpStatus.FORBIDDEN)
 
     @ResponseBody
 
-    ResponseMessage handleException(AuthorizationException exception) {
 
+    ResponseMessage handleException(AccessDenyException exception) {
 
         return ResponseMessage.error(403, exception.getMessage());
 
     }

+ 7 - 2
hsweb-system/hsweb-system-authorization/hsweb-system-authorization-service/hsweb-system-authorization-service-simple/src/main/java/org/hswebframework/web/service/authorization/simple/SimpleAuthorizationSettingService.java
Wyświetl plik 

@@ -317,13 +317,18 @@ public class SimpleAuthorizationSettingService extends GenericEntityService<Auth
 
                 detail.setDataAccesses(detail
 
                         .getDataAccesses()
 
                         .stream()
 
-                        .filter(access -> entity.getSupportDataAccessTypes().contains(access.getType()))
 
+                        .filter(access ->
 
+                                //以设置支持的权限开头就认为拥有该权限
 
+                                //比如支持的权限为CUSTOM_SCOPE_ORG_SCOPE
 
+                                //设置的权限为CUSTOM_SCOPE 则通过检验
 
+                                entity.getSupportDataAccessTypes().stream()
 
+                                        .anyMatch(type -> type.startsWith(access.getType())))
 
                         .collect(Collectors.toList()));
 
             }
 
             return true;
 
         }).collect(Collectors.toList());
 
 
-        //权限
 
+        //全部权限设置
 
         Map<String, List<AuthorizationSettingDetailEntity>> settings = detailList
 
                 .stream()
 
                 .collect(Collectors.groupingBy(AuthorizationSettingDetailEntity::getPermissionId));