forgetest5
/
ifffff
mirror of https://gitee.com/maxjhandsome/pig
1
0
Fork 0
Code Issues Releases Wiki Activity

修改:处理fetch跨域的options请求

This commit is contained in:
wangiegie@gmail.com 2017-11-02 22:50:11 +08:00
parent e2352ba9ad
commit 899e4f3092
1 changed files with 10 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
pig-gateway/src/main/java/com/github/pig/gateway/service/impl/PermissionServiceImpl.java
View File

@ -2,19 +2,14 @@ package com.github.pig.gateway.service.impl;
import com.github.pig.gateway.feign.MenuService;
import com.github.pig.gateway.service.PermissionService;
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.cache.annotation.Cacheable;
import org.springframework.http.HttpMethod;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.stereotype.Service;
import org.springframework.util.AntPathMatcher;
import org.springframework.util.PathMatcher;
import javax.servlet.http.HttpServletRequest;
import java.util.Collection;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
@ -27,18 +22,22 @@ public class PermissionServiceImpl implements PermissionService {
@Autowired
private MenuService menuService;
private AntPathMatcher antPathMatcher = new AntPathMatcher();
@Override
public boolean hasPermission(HttpServletRequest request, Authentication authentication) {
//ele-admin options 跨域配置
if (HttpMethod.OPTIONS.name().equalsIgnoreCase(request.getMethod())) {
return true;
}
Object principal = authentication.getPrincipal();
Collection<SimpleGrantedAuthority> grantedAuthorityList = (Collection<SimpleGrantedAuthority>) authentication.getAuthorities();
List<SimpleGrantedAuthority> grantedAuthorityList = (List<SimpleGrantedAuthority>) authentication.getAuthorities();
boolean hasPermission = false;
if (principal != null) {
//TODO 根据角色查询缓存没有的查询数据库
Set<String> urls = menuService.findMenuByRole("admin");
Set<String> urls = menuService.findMenuByRole(grantedAuthorityList.get(0).getAuthority());
for (String url : urls) {
if (request.getRequestURI().contains(url)) {
if (antPathMatcher.match(request.getRequestURI(), url)) {
hasPermission = true;
break;
}