forgetest5
/
ifffff
mirror of https://gitee.com/maxjhandsome/pig
1
0
Fork 0
Code Issues Releases Wiki Activity

修复@Inner注解在类上拦截无效的bug

This commit is contained in:
王炳清 2021-03-23 13:53:39 +08:00
parent f3711c4609
commit a7cebcbb50
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
pig-common/pig-common-security/src/main/java/com/pig4cloud/pig/common/security/component/PigSecurityInnerAspect.java
View File

@ -26,6 +26,7 @@ import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.springframework.core.Ordered;
import org.springframework.core.annotation.AnnotationUtils;
import org.springframework.security.access.AccessDeniedException;
import javax.servlet.http.HttpServletRequest;
@ -44,8 +45,13 @@ public class PigSecurityInnerAspect implements Ordered {
private final HttpServletRequest request;
@SneakyThrows
@Around("@annotation(inner)")
@Around("@within(inner) || @annotation(inner)")
public Object around(ProceedingJoinPoint point, Inner inner) {
//实际注入的inner实体由表达式后一个注解决定即是方法上的@Inner注解实体若方法上无@Inner注解则获取类上的
if(inner == null){
Class<?> clazz = point.getTarget().getClass();
inner = AnnotationUtils.findAnnotation(clazz, Inner.class);
}
String header = request.getHeader(SecurityConstants.FROM);
if (inner.value() && !StrUtil.equals(SecurityConstants.FROM_IN, header)) {
log.warn("访问接口 {} 没有权限", point.getSignature().getName());