投稿
  1. 首页
  2. 随笔

权限AOP(AuthorityAop)实现RBAC方法各角色权限访问

免费动态域名解析 2022-12-16 随笔 阅读 40

权限AOP(AuthorityAop)实现RBAC方法各角色权限访问,第1张

权限AOP(AuthorityAop)实现RBAC方法各角色权限访问 源码地址:项目测试 视频讲解:基于SpringBoot的权限字符串和AOP注解拦截验证权限字符串以及布隆过滤器的使用问题_哔哩哔哩_bilibili 首先写注解 
package com.fourthgroup.schoolmanagementsystem.annonation;


import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;

@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
public @interface HasAuth {

    
    String value() default "";
}

然后写权限AOP 
package com.fourthgroup.schoolmanagementsystem.aop;


import com.fourthgroup.schoolmanagementsystem.annonation.HasAuth;
import com.fourthgroup.schoolmanagementsystem.common.constant.WebConstant;
import com.fourthgroup.schoolmanagementsystem.common.exception.BusinessException;
import com.fourthgroup.schoolmanagementsystem.entity.User;
import com.fourthgroup.schoolmanagementsystem.util.JwtUtil;
import lombok.extern.slf4j.Slf4j;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.*;
import org.aspectj.lang.reflect.MethodSignature;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

import javax.servlet.http.HttpServletRequest;
import java.lang.reflect.Method;
import java.util.Set;


@Slf4j
@Aspect
@Component
public class AuthorityAop {

    @Autowired
    private HttpServletRequest httpServletRequest;

    @Autowired
    private JwtUtil jwtUtil;

    //定义切点,注解为切入点
    @Pointcut("@annotation(com.fourthgroup.schoolmanagementsystem.annonation.HasAuth)")
    public void AuthorityAopPointCut() {

    }

    

    @Before("AuthorityAopPointCut()")
    public void before(JoinPoint joinPoint) throws Throwable {
        log.info("进入Before通知...");
    }

    @After("AuthorityAopPointCut()")
    public void after(JoinPoint joinPoint) throws Throwable {
        log.info("进入After通知....");
    }

    @AfterReturning("AuthorityAopPointCut()")
    public void afterReturning(JoinPoint joinPoint) throws Throwable {
        log.info("进入AfterReturning通知....");
    }

    @AfterThrowing("AuthorityAopPointCut()")
    public void afterThrowing(JoinPoint joinPoint) throws Throwable {
        log.info("进入AfterThrowing通知....");
    }


    @Around("AuthorityAopPointCut()")
    public Object around(ProceedingJoinPoint joinPoint) throws Throwable {
        log.info("进入controller==>Around通知....");

        //从切面织入点处通过反射机制获取织入点处的方法
        MethodSignature signature = (MethodSignature) joinPoint.getSignature();
        //获取切入点所在的方法
        Method method = signature.getMethod();

        HasAuth viewRecords = method.getAnnotation(HasAuth.class);

        String idValue = viewRecords.value();//user:add
        log.info("SelfRecords====>idValue的值为:{}", idValue);

        //获取到idValue值之后,我们获取user实体类里的这个menuUrlPathList
        String token = httpServletRequest.getHeader(WebConstant.HEADER_TOKEN);
        User user = jwtUtil.getUser(token);

//        BloomFilter bloomFileter=user.getBloomFileter();
        Set menuUrlPathList = user.getMenuUrlPathList();
        if (!menuUrlPathList.contains(idValue)) {
            throw new BusinessException("ForBidden 权限不足!");
        }

        return joinPoint.proceed();
    }
}
然后在LoginController中加载数据库的权限字符串(这里我们直接写死,不从数据库中添加) 

@Slf4j
@RestController
@RequestMapping("login")
public class LoginController {

    @Autowired
    private HttpServletRequest httpServletRequest;
    @Autowired
    private JwtUtil jwtUtil;
    @Resource
    private UserService userService;
    @Resource
    private StudentService studentService;
    @Resource
    private TeacherService teacherService;
    @Resource
    private LoginService loginService;
    @Resource
    private LogLoginService logLoginService;


 
    @PostMapping("usernameLogin")
    public void usernameLogin() {

       User user=new User();
       addAuth(user);
       String token = jwtUtil.createToken(user);
       user1.setToken(token);

    }



 public void addAuth(User user) {
      
        //加权限字符串
        Set menuUrlPathList = new HashSet<>();
        menuUrlPathList.add("test");
        
        user.setMenuUrlPathList(menuUrlPathList);
    }

}

User类 
package com.fourthgroup.schoolmanagementsystem.entity;


import com.baomidou.mybatisplus.annotation.FieldFill;
import com.baomidou.mybatisplus.annotation.TableField;
import com.fourthgroup.schoolmanagementsystem.util.BloomFilter;
import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Data;
import lombok.NoArgsConstructor;

import java.io.Serializable;
import java.time.LocalDateTime;
import java.util.List;
import java.util.Set;


@NoArgsConstructor
@AllArgsConstructor
@Builder
@Data
public class User implements Serializable {
    
    private Long id;

    
    private String username;

    
    private String password;

    
    private Integer state;

    
    @TableField(fill = FieldFill.INSERT)
    private LocalDateTime createTime;

    
    @TableField(fill = FieldFill.INSERT_UPDATE)
    private LocalDateTime updateTime;

    
    @TableField(exist = false)
    private Set menuUrlPathList;

    @TableField(exist = false)
    private Set menuUrlNameList;

    @TableField(exist = false)
    private String token;

    @TableField(exist = false)
    private String email;//以后修改邮箱的时候,更加方便,不用联表 *** 作之类的

    @TableField(exist = false)
    private String phone;

    @TableField(exist = false)
    private List dutiesId;

    @TableField(exist = false)
    private List dutiesName;

    @TableField(exist = false)
    private BloomFilter bloomFileter;
}
测试 
package com.fourthgroup.schoolmanagementsystem.controller;


import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.core.metadata.IPage;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import com.fourthgroup.schoolmanagementsystem.annonation.HasAuth;
import com.fourthgroup.schoolmanagementsystem.common.constant.NoticeConstant;
import com.fourthgroup.schoolmanagementsystem.common.constant.UserConstant;
import com.fourthgroup.schoolmanagementsystem.common.constant.WebConstant;
import com.fourthgroup.schoolmanagementsystem.common.web.PageWeb;
import com.fourthgroup.schoolmanagementsystem.common.web.ResultJson;
import com.fourthgroup.schoolmanagementsystem.entity.Notice;
import com.fourthgroup.schoolmanagementsystem.service.NoticeService;
import com.fourthgroup.schoolmanagementsystem.util.JwtUtil;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.*;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.util.ArrayList;
import java.util.List;

@Slf4j
@RestController
@RequestMapping("notice")
public class NoticeController {

    @Autowired
    private HttpServletRequest httpServletRequest;
    @Autowired
    private JwtUtil jwtUtil;
    @Resource
    private NoticeService noticeService;

    
    @HasAuth("test")
    @PostMapping("test")
    public void test() {
        System.out.println("test:::哈哈哈哈哈");
    }


    @HasAuth("test1")
    @PostMapping("test1")
    public void test1() {
        System.out.println("test1::::哈哈哈哈哈");
    }

}
此时我们可以访问HasAuth("test")中的方法,而HasAuth("test1")的方法不可访问,被AOP拦截住了

欢迎分享,转载请注明来源:内存溢出

原文地址: http://outofmemory.cn/zaji/5672026.html

(0)
打赏 微信扫一扫 微信扫一扫 支付宝扫一扫 支付宝扫一扫
免费动态域名解析 免费动态域名解析 一级用户组
0 0
上一篇 2022-12-16
下一篇 2022-12-16

发表评论

登录后才能评论

评论列表(0条)

保存