mirror of
https://gitee.com/y_project/RuoYi-Cloud.git
synced 2026-01-26 11:51:55 +08:00
共通字段自动填充
This commit is contained in:
AlanScipio
@@ -6,11 +6,10 @@ import com.ruoyi.system.api.model.LoginUser;
|
||||
|
||||
/**
|
||||
* Token 权限验证工具类
|
||||
*
|
||||
*
|
||||
* @author ruoyi
|
||||
*/
|
||||
public class AuthUtil
|
||||
{
|
||||
public class AuthUtil {
|
||||
/**
|
||||
* 底层的 AuthLogic 对象
|
||||
*/
|
||||
@@ -19,149 +18,134 @@ public class AuthUtil
|
||||
/**
|
||||
* 会话注销
|
||||
*/
|
||||
public static void logout()
|
||||
{
|
||||
public static void logout() {
|
||||
authLogic.logout();
|
||||
}
|
||||
|
||||
/**
|
||||
* 会话注销,根据指定Token
|
||||
*
|
||||
*
|
||||
* @param token 指定token
|
||||
*/
|
||||
public static void logoutByToken(String token)
|
||||
{
|
||||
public static void logoutByToken(String token) {
|
||||
authLogic.logoutByToken(token);
|
||||
}
|
||||
|
||||
/**
|
||||
* 检验当前会话是否已经登录,如未登录,则抛出异常
|
||||
*/
|
||||
public static void checkLogin()
|
||||
{
|
||||
public static void checkLogin() {
|
||||
authLogic.checkLogin();
|
||||
}
|
||||
|
||||
/**
|
||||
* 获取当前登录用户信息
|
||||
*
|
||||
*
|
||||
* @param token 指定token
|
||||
* @return 用户信息
|
||||
*/
|
||||
public static LoginUser getLoginUser(String token)
|
||||
{
|
||||
public static LoginUser getLoginUser(String token) {
|
||||
return authLogic.getLoginUser(token);
|
||||
}
|
||||
|
||||
/**
|
||||
* 验证当前用户有效期
|
||||
*
|
||||
*
|
||||
* @param loginUser 用户信息
|
||||
*/
|
||||
public static void verifyLoginUserExpire(LoginUser loginUser)
|
||||
{
|
||||
public static void verifyLoginUserExpire(LoginUser loginUser) {
|
||||
authLogic.verifyLoginUserExpire(loginUser);
|
||||
}
|
||||
|
||||
/**
|
||||
* 当前账号是否含有指定角色标识, 返回true或false
|
||||
*
|
||||
*
|
||||
* @param role 角色标识
|
||||
* @return 是否含有指定角色标识
|
||||
*/
|
||||
public static boolean hasRole(String role)
|
||||
{
|
||||
public static boolean hasRole(String role) {
|
||||
return authLogic.hasRole(role);
|
||||
}
|
||||
|
||||
/**
|
||||
* 当前账号是否含有指定角色标识, 如果验证未通过,则抛出异常: NotRoleException
|
||||
*
|
||||
*
|
||||
* @param role 角色标识
|
||||
*/
|
||||
public static void checkRole(String role)
|
||||
{
|
||||
public static void checkRole(String role) {
|
||||
authLogic.checkRole(role);
|
||||
}
|
||||
|
||||
/**
|
||||
* 根据注解传入参数鉴权, 如果验证未通过,则抛出异常: NotRoleException
|
||||
*
|
||||
*
|
||||
* @param requiresRoles 角色权限注解
|
||||
*/
|
||||
public static void checkRole(RequiresRoles requiresRoles)
|
||||
{
|
||||
public static void checkRole(RequiresRoles requiresRoles) {
|
||||
authLogic.checkRole(requiresRoles);
|
||||
}
|
||||
|
||||
/**
|
||||
* 当前账号是否含有指定角色标识 [指定多个,必须全部验证通过]
|
||||
*
|
||||
*
|
||||
* @param roles 角色标识数组
|
||||
*/
|
||||
public static void checkRoleAnd(String... roles)
|
||||
{
|
||||
public static void checkRoleAnd(String... roles) {
|
||||
authLogic.checkRoleAnd(roles);
|
||||
}
|
||||
|
||||
/**
|
||||
* 当前账号是否含有指定角色标识 [指定多个,只要其一验证通过即可]
|
||||
*
|
||||
*
|
||||
* @param roles 角色标识数组
|
||||
*/
|
||||
public static void checkRoleOr(String... roles)
|
||||
{
|
||||
public static void checkRoleOr(String... roles) {
|
||||
authLogic.checkRoleOr(roles);
|
||||
}
|
||||
|
||||
/**
|
||||
* 当前账号是否含有指定权限, 返回true或false
|
||||
*
|
||||
*
|
||||
* @param permission 权限码
|
||||
* @return 是否含有指定权限
|
||||
*/
|
||||
public static boolean hasPermi(String permission)
|
||||
{
|
||||
public static boolean hasPermi(String permission) {
|
||||
return authLogic.hasPermi(permission);
|
||||
}
|
||||
|
||||
/**
|
||||
* 当前账号是否含有指定权限, 如果验证未通过,则抛出异常: NotPermissionException
|
||||
*
|
||||
*
|
||||
* @param permission 权限码
|
||||
*/
|
||||
public static void checkPermi(String permission)
|
||||
{
|
||||
public static void checkPermi(String permission) {
|
||||
authLogic.checkPermi(permission);
|
||||
}
|
||||
|
||||
/**
|
||||
* 根据注解传入参数鉴权, 如果验证未通过,则抛出异常: NotPermissionException
|
||||
*
|
||||
*
|
||||
* @param requiresPermissions 权限注解
|
||||
*/
|
||||
public static void checkPermi(RequiresPermissions requiresPermissions)
|
||||
{
|
||||
public static void checkPermi(RequiresPermissions requiresPermissions) {
|
||||
authLogic.checkPermi(requiresPermissions);
|
||||
}
|
||||
|
||||
/**
|
||||
* 当前账号是否含有指定权限 [指定多个,必须全部验证通过]
|
||||
*
|
||||
*
|
||||
* @param permissions 权限码数组
|
||||
*/
|
||||
public static void checkPermiAnd(String... permissions)
|
||||
{
|
||||
public static void checkPermiAnd(String... permissions) {
|
||||
authLogic.checkPermiAnd(permissions);
|
||||
}
|
||||
|
||||
/**
|
||||
* 当前账号是否含有指定权限 [指定多个,只要其一验证通过即可]
|
||||
*
|
||||
*
|
||||
* @param permissions 权限码数组
|
||||
*/
|
||||
public static void checkPermiOr(String... permissions)
|
||||
{
|
||||
public static void checkPermiOr(String... permissions) {
|
||||
authLogic.checkPermiOr(permissions);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -4,6 +4,7 @@ import com.ruoyi.common.core.constant.HttpStatus;
|
||||
import com.ruoyi.common.core.exception.DemoModeException;
|
||||
import com.ruoyi.common.core.exception.InnerAuthException;
|
||||
import com.ruoyi.common.core.exception.ServiceException;
|
||||
import com.ruoyi.common.core.exception.auth.LoginExpiredException;
|
||||
import com.ruoyi.common.core.exception.auth.NotPermissionException;
|
||||
import com.ruoyi.common.core.exception.auth.NotRoleException;
|
||||
import com.ruoyi.common.core.utils.StringUtils;
|
||||
@@ -25,16 +26,14 @@ import jakarta.servlet.http.HttpServletRequest;
|
||||
* @author ruoyi
|
||||
*/
|
||||
@RestControllerAdvice
|
||||
public class GlobalExceptionHandler
|
||||
{
|
||||
public class GlobalExceptionHandler {
|
||||
private static final Logger log = LoggerFactory.getLogger(GlobalExceptionHandler.class);
|
||||
|
||||
/**
|
||||
* 权限码异常
|
||||
*/
|
||||
@ExceptionHandler(NotPermissionException.class)
|
||||
public AjaxResult handleNotPermissionException(NotPermissionException e, HttpServletRequest request)
|
||||
{
|
||||
public AjaxResult handleNotPermissionException(NotPermissionException e, HttpServletRequest request) {
|
||||
String requestURI = request.getRequestURI();
|
||||
log.error("请求地址'{}',权限码校验失败'{}'", requestURI, e.getMessage());
|
||||
return AjaxResult.error(HttpStatus.FORBIDDEN, "没有访问权限,请联系管理员授权");
|
||||
@@ -44,8 +43,7 @@ public class GlobalExceptionHandler
|
||||
* 角色权限异常
|
||||
*/
|
||||
@ExceptionHandler(NotRoleException.class)
|
||||
public AjaxResult handleNotRoleException(NotRoleException e, HttpServletRequest request)
|
||||
{
|
||||
public AjaxResult handleNotRoleException(NotRoleException e, HttpServletRequest request) {
|
||||
String requestURI = request.getRequestURI();
|
||||
log.error("请求地址'{}',角色权限校验失败'{}'", requestURI, e.getMessage());
|
||||
return AjaxResult.error(HttpStatus.FORBIDDEN, "没有访问权限,请联系管理员授权");
|
||||
@@ -55,8 +53,7 @@ public class GlobalExceptionHandler
|
||||
* 请求方式不支持
|
||||
*/
|
||||
@ExceptionHandler(HttpRequestMethodNotSupportedException.class)
|
||||
public AjaxResult handleHttpRequestMethodNotSupported(HttpRequestMethodNotSupportedException e, HttpServletRequest request)
|
||||
{
|
||||
public AjaxResult handleHttpRequestMethodNotSupported(HttpRequestMethodNotSupportedException e, HttpServletRequest request) {
|
||||
String requestURI = request.getRequestURI();
|
||||
log.error("请求地址'{}',不支持'{}'请求", requestURI, e.getMethod());
|
||||
return AjaxResult.error(e.getMessage());
|
||||
@@ -66,8 +63,7 @@ public class GlobalExceptionHandler
|
||||
* 业务异常
|
||||
*/
|
||||
@ExceptionHandler(ServiceException.class)
|
||||
public AjaxResult handleServiceException(ServiceException e, HttpServletRequest request)
|
||||
{
|
||||
public AjaxResult handleServiceException(ServiceException e, HttpServletRequest request) {
|
||||
log.error(e.getMessage(), e);
|
||||
Integer code = e.getCode();
|
||||
return StringUtils.isNotNull(code) ? AjaxResult.error(code, e.getMessage()) : AjaxResult.error(e.getMessage());
|
||||
@@ -77,8 +73,7 @@ public class GlobalExceptionHandler
|
||||
* 请求路径中缺少必需的路径变量
|
||||
*/
|
||||
@ExceptionHandler(MissingPathVariableException.class)
|
||||
public AjaxResult handleMissingPathVariableException(MissingPathVariableException e, HttpServletRequest request)
|
||||
{
|
||||
public AjaxResult handleMissingPathVariableException(MissingPathVariableException e, HttpServletRequest request) {
|
||||
String requestURI = request.getRequestURI();
|
||||
log.error("请求路径中缺少必需的路径变量'{}',发生系统异常.", requestURI, e);
|
||||
return AjaxResult.error(String.format("请求路径中缺少必需的路径变量[%s]", e.getVariableName()));
|
||||
@@ -88,8 +83,7 @@ public class GlobalExceptionHandler
|
||||
* 请求参数类型不匹配
|
||||
*/
|
||||
@ExceptionHandler(MethodArgumentTypeMismatchException.class)
|
||||
public AjaxResult handleMethodArgumentTypeMismatchException(MethodArgumentTypeMismatchException e, HttpServletRequest request)
|
||||
{
|
||||
public AjaxResult handleMethodArgumentTypeMismatchException(MethodArgumentTypeMismatchException e, HttpServletRequest request) {
|
||||
String requestURI = request.getRequestURI();
|
||||
log.error("请求参数类型不匹配'{}',发生系统异常.", requestURI, e);
|
||||
return AjaxResult.error(String.format("请求参数类型不匹配,参数[%s]要求类型为:'%s',但输入值为:'%s'", e.getName(), e.getRequiredType().getName(), e.getValue()));
|
||||
@@ -99,8 +93,7 @@ public class GlobalExceptionHandler
|
||||
* 拦截未知的运行时异常
|
||||
*/
|
||||
@ExceptionHandler(RuntimeException.class)
|
||||
public AjaxResult handleRuntimeException(RuntimeException e, HttpServletRequest request)
|
||||
{
|
||||
public AjaxResult handleRuntimeException(RuntimeException e, HttpServletRequest request) {
|
||||
String requestURI = request.getRequestURI();
|
||||
log.error("请求地址'{}',发生未知异常.", requestURI, e);
|
||||
return AjaxResult.error(e.getMessage());
|
||||
@@ -110,8 +103,7 @@ public class GlobalExceptionHandler
|
||||
* 系统异常
|
||||
*/
|
||||
@ExceptionHandler(Exception.class)
|
||||
public AjaxResult handleException(Exception e, HttpServletRequest request)
|
||||
{
|
||||
public AjaxResult handleException(Exception e, HttpServletRequest request) {
|
||||
String requestURI = request.getRequestURI();
|
||||
log.error("请求地址'{}',发生系统异常.", requestURI, e);
|
||||
return AjaxResult.error(e.getMessage());
|
||||
@@ -121,8 +113,7 @@ public class GlobalExceptionHandler
|
||||
* 自定义验证异常
|
||||
*/
|
||||
@ExceptionHandler(BindException.class)
|
||||
public AjaxResult handleBindException(BindException e)
|
||||
{
|
||||
public AjaxResult handleBindException(BindException e) {
|
||||
log.error(e.getMessage(), e);
|
||||
String message = e.getAllErrors().getFirst().getDefaultMessage();
|
||||
return AjaxResult.error(message);
|
||||
@@ -132,8 +123,7 @@ public class GlobalExceptionHandler
|
||||
* 自定义验证异常
|
||||
*/
|
||||
@ExceptionHandler(MethodArgumentNotValidException.class)
|
||||
public Object handleMethodArgumentNotValidException(MethodArgumentNotValidException e)
|
||||
{
|
||||
public Object handleMethodArgumentNotValidException(MethodArgumentNotValidException e) {
|
||||
log.error(e.getMessage(), e);
|
||||
String message = e.getBindingResult().getFieldError().getDefaultMessage();
|
||||
return AjaxResult.error(message);
|
||||
@@ -143,8 +133,7 @@ public class GlobalExceptionHandler
|
||||
* 内部认证异常
|
||||
*/
|
||||
@ExceptionHandler(InnerAuthException.class)
|
||||
public AjaxResult handleInnerAuthException(InnerAuthException e)
|
||||
{
|
||||
public AjaxResult handleInnerAuthException(InnerAuthException e) {
|
||||
return AjaxResult.error(e.getMessage());
|
||||
}
|
||||
|
||||
@@ -152,8 +141,15 @@ public class GlobalExceptionHandler
|
||||
* 演示模式异常
|
||||
*/
|
||||
@ExceptionHandler(DemoModeException.class)
|
||||
public AjaxResult handleDemoModeException(DemoModeException e)
|
||||
{
|
||||
public AjaxResult handleDemoModeException(DemoModeException e) {
|
||||
return AjaxResult.error("演示模式,不允许操作");
|
||||
}
|
||||
|
||||
/**
|
||||
* 登录过期异常
|
||||
*/
|
||||
@ExceptionHandler(LoginExpiredException.class)
|
||||
public AjaxResult handleLoginExpiredException(LoginExpiredException e) {
|
||||
return AjaxResult.error(e.getMessage());
|
||||
}
|
||||
}
|
||||
|
||||
@@ -99,7 +99,6 @@ public class TokenService {
|
||||
if (StringUtils.isNotEmpty(token)) {
|
||||
String userKey = JwtUtils.getUserKey(token);
|
||||
user = redisService.getCacheObject(getTokenKey(userKey));
|
||||
return user;
|
||||
}
|
||||
} catch (Exception e) {
|
||||
log.error("获取用户信息异常'{}'", e.getMessage());
|
||||
|
||||
@@ -9,6 +9,8 @@ import com.ruoyi.common.core.utils.ServletUtils;
|
||||
import com.ruoyi.common.core.utils.StringUtils;
|
||||
import com.ruoyi.system.api.model.LoginUser;
|
||||
|
||||
import java.util.Objects;
|
||||
|
||||
/**
|
||||
* 权限获取工具类
|
||||
*
|
||||
@@ -22,6 +24,11 @@ public class SecurityUtils {
|
||||
return SecurityContextHolder.getUserId();
|
||||
}
|
||||
|
||||
public static String getUserIdStr() {
|
||||
Long userId = SecurityContextHolder.getUserId();
|
||||
return userId == null ? "UNKNOWN" : String.valueOf(userId);
|
||||
}
|
||||
|
||||
/**
|
||||
* 获取用户名称
|
||||
*/
|
||||
@@ -47,7 +54,7 @@ public class SecurityUtils {
|
||||
* 获取请求token
|
||||
*/
|
||||
public static String getToken() {
|
||||
return getToken(ServletUtils.getRequest());
|
||||
return getToken(Objects.requireNonNull(ServletUtils.getRequest()));
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -0,0 +1,59 @@
|
||||
package com.ruoyi.common.security.utils;
|
||||
|
||||
import com.ruoyi.common.core.constant.SecurityConstants;
|
||||
import com.ruoyi.common.core.context.SecurityContextHolder;
|
||||
import com.ruoyi.common.core.exception.auth.LoginExpiredException;
|
||||
import com.ruoyi.common.core.utils.StringUtils;
|
||||
import com.ruoyi.common.security.auth.AuthUtil;
|
||||
import com.ruoyi.system.api.model.LoginUser;
|
||||
|
||||
/**
|
||||
* @author Alan Scipio
|
||||
* created on 2024/2/6
|
||||
*/
|
||||
public class SecurityUtilsExt {
|
||||
|
||||
/**
|
||||
* 获取用户ID
|
||||
*/
|
||||
public static Long getUserIdFromRedis() {
|
||||
LoginUser loginUser = getLoginUserFromRedis();
|
||||
if (loginUser == null) {
|
||||
throw new LoginExpiredException("用户登录已过期,请重新登录");
|
||||
}
|
||||
return loginUser.getUserid();
|
||||
}
|
||||
|
||||
public static String getUserIdStr() {
|
||||
Long userId = getUserIdFromRedis();
|
||||
return userId == null ? "UNKNOWN" : String.valueOf(userId);
|
||||
}
|
||||
|
||||
/**
|
||||
* 获取用户名称
|
||||
*/
|
||||
public static String getUsernameFromRedis() {
|
||||
LoginUser loginUser = getLoginUserFromRedis();
|
||||
assert loginUser != null;
|
||||
return loginUser.getUsername();
|
||||
}
|
||||
|
||||
/**
|
||||
* 获取登录用户信息
|
||||
*/
|
||||
public static LoginUser getLoginUserFromRedis() {
|
||||
//从请求头里获取token
|
||||
String token = SecurityUtils.getToken();
|
||||
if (StringUtils.isNotEmpty(token)) {
|
||||
//从redis里获取用户信息
|
||||
LoginUser loginUser = AuthUtil.getLoginUser(token);
|
||||
if (loginUser != null) {
|
||||
//将用户信息存入线程变量(或更新)
|
||||
SecurityContextHolder.set(SecurityConstants.LOGIN_USER, loginUser);
|
||||
return loginUser;
|
||||
}
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
}
|
||||
Reference in New Issue
Block a user