2 년 전 · 547ccc1224
--- a/core-cache/src/main/java/com/qmth/boot/core/cache/config/CacheAutoConfiguration.java
+++ b/core-cache/src/main/java/com/qmth/boot/core/cache/config/CacheAutoConfiguration.java
@@ -71,8 +71,8 @@ public class CacheAutoConfiguration {
 
				     }
			
 
				 
			
 
				     private Caffeine<Object, Object> buildCaffeineConfig(Duration expireAfterWrite) {
			
 
				-        //默认开启softValues，避免JVM撑爆
			
 
				-        Caffeine<Object, Object> caffeine = Caffeine.newBuilder().softValues();
			
 
				+        //暂不开启softValues
			
 
				+        Caffeine<Object, Object> caffeine = Caffeine.newBuilder();
			
 
				         //写入失效时长大于0时才启用
			
 
				         if (expireAfterWrite.toMillis() > 0) {
			
 
				             caffeine = caffeine.expireAfterWrite(expireAfterWrite);
			
--- a/core-security/src/main/java/com/qmth/boot/core/security/service/AuthorizationService.java
+++ b/core-security/src/main/java/com/qmth/boot/core/security/service/AuthorizationService.java
@@ -18,4 +18,15 @@ public interface AuthorizationService<T extends AccessEntity> {
 
				      */
			
 
				     T findByIdentity(String identity, SignatureType type, String path);
			
 
				 
			
 
				+    /**
			
 
				+     * 根据鉴权对象判断是否有路径访问权限
			
 
				+     *
			
 
				+     * @param accessEntity
			
 
				+     * @param path
			
 
				+     * @return
			
 
				+     */
			
 
				+    default boolean hasPermission(T accessEntity, String path) {
			
 
				+        return true;
			
 
				+    }
			
 
				+
			
 
				 }
			
--- a/core-security/src/main/java/com/qmth/boot/core/security/service/impl/BaseAuthorizationSupport.java
+++ b/core-security/src/main/java/com/qmth/boot/core/security/service/impl/BaseAuthorizationSupport.java
@@ -68,9 +68,9 @@ public class BaseAuthorizationSupport implements AuthorizationSupport {
 
				                     AuthorizationException.TOKEN_ERROR;
			
 
				         }
			
 
				         // 提交请求对象和接口地址进行权限验证
			
 
				-        //if (!service.hasPermission(ae, uri)) {
			
 
				-        //    throw AuthorizationException.NO_PERMISSION;
			
 
				-        //}
			
 
				+        if (!service.hasPermission(ae, uri)) {
			
 
				+            throw AuthorizationException.NO_PERMISSION;
			
 
				+        }
			
 
				         return ae;
			
 
				     }
			
 
				 
			
--- a/starter-api/src/main/java/com/qmth/boot/api/interceptor/impl/AuthorizationInterceptor.java
+++ b/starter-api/src/main/java/com/qmth/boot/api/interceptor/impl/AuthorizationInterceptor.java
@@ -5,12 +5,14 @@ import com.qmth.boot.api.config.ApiConfigService;
 
				 import com.qmth.boot.api.config.ApiProperties;
			
 
				 import com.qmth.boot.api.exception.DefaultExceptionEnum;
			
 
				 import com.qmth.boot.api.interceptor.AbstractInterceptor;
			
 
				+import com.qmth.boot.api.utils.RequestUtil;
			
 
				 import com.qmth.boot.api.valve.IPFilterService;
			
 
				 import com.qmth.boot.core.logger.constant.LoggerConstant;
			
 
				 import com.qmth.boot.core.security.exception.AuthorizationException;
			
 
				 import com.qmth.boot.core.security.model.AccessEntity;
			
 
				 import com.qmth.boot.core.security.service.AuthorizationSupport;
			
 
				 import org.apache.commons.lang3.StringUtils;
			
 
				+import org.slf4j.MDC;
			
 
				 import org.springframework.stereotype.Component;
			
 
				 
			
 
				 import javax.annotation.Resource;
			
@@ -49,6 +51,8 @@ public class AuthorizationInterceptor extends AbstractInterceptor implements Log
 
				                 if (request.getAttribute(ATTRIBUTE_CALLER) == null) {
			
 
				                     request.setAttribute(ATTRIBUTE_CALLER, entity.getLogName());
			
 
				                 }
			
 
				+                // 设置日志CALLER变量
			
 
				+                MDC.put(MDC_CALLER, RequestUtil.getAttribute(request, ATTRIBUTE_CALLER, "-"));
			
 
				             } catch (AuthorizationException ae) {
			
 
				                 log.warn("Authorization faile: path={}, reason={}", request.getServletPath(), ae.getMessage());
			
 
				                 throw DefaultExceptionEnum.AUTHORIZATION_FAILE.exception(ae.getCode(), ae.getMessage());
			
--- a/starter-api/src/main/java/com/qmth/boot/api/utils/RequestTrace.java
+++ b/starter-api/src/main/java/com/qmth/boot/api/utils/RequestTrace.java
@@ -2,13 +2,11 @@ package com.qmth.boot.api.utils;
 
				 
			
 
				 import com.fasterxml.jackson.databind.ObjectMapper;
			
 
				 import com.qmth.boot.api.constant.ApiConstant;
			
 
				-import com.qmth.boot.core.logger.constant.LoggerConstant;
			
 
				 import com.qmth.boot.core.security.model.AccessEntity;
			
 
				 import org.apache.commons.lang3.ArrayUtils;
			
 
				 import org.aspectj.lang.reflect.MethodSignature;
			
 
				 import org.slf4j.Logger;
			
 
				 import org.slf4j.LoggerFactory;
			
 
				-import org.slf4j.MDC;
			
 
				 import org.springframework.web.multipart.MultipartFile;
			
 
				 
			
 
				 import javax.servlet.http.HttpServletRequest;
			
@@ -42,8 +40,6 @@ public class RequestTrace {
 
				                 }
			
 
				                 content.put("parameter", parameter);
			
 
				                 // 记录日志
			
 
				-                MDC.put(LoggerConstant.MDC_CALLER,
			
 
				-                        RequestUtil.getAttribute(request, ApiConstant.ATTRIBUTE_CALLER, "-"));
			
 
				                 log.info("Request info: \n{}",
			
 
				                         new ObjectMapper().writerWithDefaultPrettyPrinter().writeValueAsString(content));
			
 
				             } catch (Exception e) {