|
|
@@ -1,21 +1,22 @@
|
|
|
package cn.com.qmth.examcloud.core.examwork.starter.config;
|
|
|
|
|
|
-import java.util.ArrayList;
|
|
|
-import java.util.HashMap;
|
|
|
import java.util.List;
|
|
|
-import java.util.Map;
|
|
|
|
|
|
+import org.apache.commons.collections.CollectionUtils;
|
|
|
+import org.apache.commons.lang3.StringUtils;
|
|
|
import org.springframework.beans.factory.annotation.Autowired;
|
|
|
import org.springframework.context.annotation.Bean;
|
|
|
import org.springframework.context.annotation.Configuration;
|
|
|
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
|
|
|
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
|
|
|
|
|
|
-import cn.com.qmth.examcloud.commons.base.util.RegExpUtil;
|
|
|
+import cn.com.qmth.examcloud.commons.base.util.PathUtil;
|
|
|
+import cn.com.qmth.examcloud.commons.base.util.PropertiesUtil;
|
|
|
import cn.com.qmth.examcloud.commons.web.interceptor.FirstInterceptor;
|
|
|
import cn.com.qmth.examcloud.commons.web.redis.RedisClient;
|
|
|
import cn.com.qmth.examcloud.commons.web.security.RequestPermissionInterceptor;
|
|
|
import cn.com.qmth.examcloud.commons.web.security.bean.Role;
|
|
|
+import cn.com.qmth.examcloud.commons.web.security.bean.User;
|
|
|
|
|
|
/**
|
|
|
* 默认WebMvcConfigurer
|
|
|
@@ -30,47 +31,43 @@ public class DefaultWebMvcConfigurerAdapter extends WebMvcConfigurerAdapter {
|
|
|
@Autowired
|
|
|
RedisClient redisClient;
|
|
|
|
|
|
- private static Map<String, String[]> rolePathMap = new HashMap<String, String[]>();
|
|
|
+ static {
|
|
|
+ PropertiesUtil.configureAndWatch(PathUtil.getResoucePath("security-mapping.properties"));
|
|
|
+ }
|
|
|
|
|
|
@Override
|
|
|
public void addInterceptors(InterceptorRegistry registry) {
|
|
|
registry.addInterceptor(new FirstInterceptor()).addPathPatterns("/**");
|
|
|
- registry.addInterceptor(getRequestPermissionInterceptor()).addPathPatterns("/**");
|
|
|
+ RequestPermissionInterceptor requestPermissionInterceptor = getRequestPermissionInterceptor();
|
|
|
+ requestPermissionInterceptor.configureAndWatch("security-exclusions.conf");
|
|
|
+ registry.addInterceptor(requestPermissionInterceptor).addPathPatterns("/**");
|
|
|
super.addInterceptors(registry);
|
|
|
}
|
|
|
|
|
|
@Bean
|
|
|
public RequestPermissionInterceptor getRequestPermissionInterceptor() {
|
|
|
- String[] exclusions = new String[]{
|
|
|
- RegExpUtil.escape("[${app.api.root}]:[/exam/{id}]:[GET]"),
|
|
|
- RegExpUtil.escape("[${app.api.root}]:[/exam/canNotDel/{id}]:[PUT]"),
|
|
|
- RegExpUtil.escape("[${app.api.root}]:[/exam/updateExamInfo]:[PUT]"),
|
|
|
- RegExpUtil.escape("[${app.api.root}]:[/exam/updateExamStudent]:[PUT]"),
|
|
|
- RegExpUtil.escape("[${app.api.root}/exam_student]:[/{id}]:[GET]"),
|
|
|
- RegExpUtil.escape("[${app.api.root}/exam_student]:[/all]:[GET]"),
|
|
|
- RegExpUtil.escape("[${app.api.root}/exam_course]:[]:[GET]")
|
|
|
- //
|
|
|
- };
|
|
|
- return new RequestPermissionInterceptor(redisClient, exclusions) {
|
|
|
+ return new RequestPermissionInterceptor(redisClient) {
|
|
|
|
|
|
@Override
|
|
|
- public boolean hasPermission(String mappingPath, List<Role> roleList) {
|
|
|
- String[] roles = rolePathMap.get(mappingPath);
|
|
|
- if (roles == null) {
|
|
|
- return true;
|
|
|
- }
|
|
|
- if (roleList == null) {
|
|
|
+ public boolean hasPermission(String mappingPath, User user) {
|
|
|
+ List<Role> roleList = user.getRoleList();
|
|
|
+ if (CollectionUtils.isEmpty(roleList)) {
|
|
|
return false;
|
|
|
}
|
|
|
- List<String> roleCodes = new ArrayList<String>();
|
|
|
- for (Role role : roleList) {
|
|
|
- roleCodes.add(role.getRoleCode());
|
|
|
+
|
|
|
+ String roles = PropertiesUtil.getString(mappingPath);
|
|
|
+ if (StringUtils.isBlank(roles)) {
|
|
|
+ return true;
|
|
|
}
|
|
|
- for (String role : roles) {
|
|
|
- if (roleCodes.contains(role)) {
|
|
|
+
|
|
|
+ roles = "," + roles + ",";
|
|
|
+
|
|
|
+ for (Role role : roleList) {
|
|
|
+ if (roles.contains("," + role.getRoleCode() + ",")) {
|
|
|
return true;
|
|
|
}
|
|
|
}
|
|
|
+
|
|
|
return false;
|
|
|
}
|
|
|
|
wangwei