Почетна Преглед Помоћ
Пријавите се
iot
/
hsweb-framework
4
0
Креирај огранак 0
Датотеке Дискусије 0 Захтеви за спајање 0 Вики
Преглед изворни кода

优化权限控制,数据权限控制属性能与Authorize注解进行合并

zhouhao пре 8 година
родитељ
5c50018e96
комит
dcfadfbe5b
3 измењених фајлова са 26 додато и 12 уклоњено
Подељен поглед Покажи статистику Diff
  1. 3 3
      hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/annotation/RequiresDataAccess.java
  2. 14 2
      hsweb-authorization/hsweb-authorization-shiro/src/main/java/org/hswebframework/web/authorization/shiro/boost/DataAccessAnnotationMethodInterceptor.java
  3. 9 7
      hsweb-authorization/hsweb-authorization-shiro/src/main/java/org/hswebframework/web/authorization/shiro/boost/SimpleAuthorizeMethodInterceptor.java

+ 3 - 3
hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/annotation/RequiresDataAccess.java
Прегледај датотеку 

@@ -39,13 +39,13 @@ import java.lang.annotation.*;
 
 public @interface RequiresDataAccess {
 
 
     /**
 
-     * @return permission id
 
+     * @return permission id ,如果为空将继承 {@link Authorize#permission()}
 
      * @see Permission#getId()
 
      */
 
-    String permission();
 
+    String permission() default "";
 
 
     /**
 
-     * @return action array
 
+     * @return action array ,如果为空将继承 {@link Authorize#action()}
 
      * @see DataAccessConfig#getAction()
 
      */
 
     String[] action() default {};

+ 14 - 2
hsweb-authorization/hsweb-authorization-shiro/src/main/java/org/hswebframework/web/authorization/shiro/boost/DataAccessAnnotationMethodInterceptor.java
Прегледај датотеку 

@@ -28,6 +28,7 @@ import org.hswebframework.web.authorization.Authentication;
 
 import org.hswebframework.web.authorization.Permission;
 
 import org.hswebframework.web.authorization.access.DataAccessConfig;
 
 import org.hswebframework.web.authorization.access.DataAccessController;
 
+import org.hswebframework.web.authorization.annotation.Authorize;
 
 import org.hswebframework.web.authorization.annotation.Logical;
 
 import org.hswebframework.web.authorization.annotation.RequiresDataAccess;
 
 import org.hswebframework.web.boost.aop.context.MethodInterceptorHolder;
 
@@ -100,12 +101,23 @@ public class DataAccessAnnotationMethodInterceptor extends AuthorizingAnnotation
 
                 accessController = ApplicationContextHolder.get().getBean(accessAnn.controllerBeanName(), DataAccessController.class);
 
             }
 
             DataAccessController finalAccessController = accessController;
 
+            Authorize authorize = holder.findAnnotation(Authorize.class);
 
 
-            MethodInterceptorParamContext context = holder.createParamContext();
 
             String permission = accessAnn.permission();
 
+            List<String> actionList = new ArrayList<>(Arrays.asList(accessAnn.action()));
 
+
 
+            if ("".equals(permission)) {
 
+                if (null == authorize) {
 
+                    throw new NullPointerException("permission setting can not be null");
 
+                }
 
+                permission = authorize.permission()[0];
 
+            }
 
+            if (actionList.isEmpty()) {
 
+                actionList.addAll(Arrays.asList(authorize.action()));
 
+            }
 
+            MethodInterceptorParamContext context = holder.createParamContext();
 
             Permission permissionInfo = authentication.getPermission(permission).orElseThrow(AuthenticationException::new);
 
 
-            List<String> actionList = Arrays.asList(accessAnn.action());
 
             //取得当前登录用户持有的控制规则
 
             Set<DataAccessConfig> accesses = permissionInfo
 
                     .getDataAccesses()

+ 9 - 7
hsweb-authorization/hsweb-authorization-shiro/src/main/java/org/hswebframework/web/authorization/shiro/boost/SimpleAuthorizeMethodInterceptor.java
Прегледај датотеку 

@@ -125,13 +125,14 @@ public class SimpleAuthorizeMethodInterceptor extends AuthorizingAnnotationMetho
 
     }
 
 
     static class AuthorizeConfig {
 
-        Set<String>         permission = new LinkedHashSet<>();
 
-        Set<String>         action     = new LinkedHashSet<>();
 
-        Set<String>         role       = new LinkedHashSet<>();
 
-        Set<String>         user       = new LinkedHashSet<>();
 
-        Logical             logical    = Logical.DEFAULT;
 
-        String              message    = "unauthorized";
 
-        Map<String, Object> var        = null;
 
+        Set<String>         permission        = new LinkedHashSet<>();
 
+        Set<String>         action            = new LinkedHashSet<>();
 
+        Set<String>         role              = new LinkedHashSet<>();
 
+        Set<String>         user              = new LinkedHashSet<>();
 
+        Logical             logical           = Logical.DEFAULT;
 
+        String              message           = "unauthorized";
 
+        Map<String, Object> var               = null;
 
+        boolean             controlAccessData = false;
 
 
         public AuthorizeConfig(Map<String, Object> var) {
 
             this.var = var;
 
@@ -147,6 +148,7 @@ public class SimpleAuthorizeMethodInterceptor extends AuthorizingAnnotationMetho
 
             }
 
             if (authorize.logical() != Logical.DEFAULT)
 
                 logical = authorize.logical();
 
+            controlAccessData = authorize.controlAccessData();
 
         }
 
 
         public String tryCompileExpression(String express) {