From a44f2c3b5db92069ea2813ecf8cb12a6ab3b2203 Mon Sep 17 00:00:00 2001
From: admin <weikou2014>
Date: 星期四, 19 五月 2022 17:04:07 +0800
Subject: [PATCH] 管理员权限雁验证

---
 app/src/main/java/com/yeshi/makemoney/app/aop/AdminApiFilter.java |   23 ++++++++++++-----------
 1 files changed, 12 insertions(+), 11 deletions(-)

diff --git a/app/src/main/java/com/yeshi/makemoney/app/aop/AdminApiFilter.java b/app/src/main/java/com/yeshi/makemoney/app/aop/AdminApiFilter.java
index c7ca201..97124ef 100644
--- a/app/src/main/java/com/yeshi/makemoney/app/aop/AdminApiFilter.java
+++ b/app/src/main/java/com/yeshi/makemoney/app/aop/AdminApiFilter.java
@@ -1,39 +1,35 @@
 package com.yeshi.makemoney.app.aop;
 
-import com.yeshi.makemoney.app.entity.AdminUser;
-import com.yeshi.makemoney.app.entity.config.SystemConfigKey;
-import com.yeshi.makemoney.app.service.inter.config.SystemConfigService;
+import com.yeshi.makemoney.app.entity.admin.AdminUser;
+import com.yeshi.makemoney.app.service.inter.admin.AdminRoleRuleService;
+import com.yeshi.makemoney.app.service.inter.admin.AdminUserRolesService;
 import com.yeshi.makemoney.app.utils.ApiCodeConstant;
 import com.yeshi.makemoney.app.utils.SystemInfoUtil;
 import com.yeshi.makemoney.app.vo.AcceptAdminData;
-import com.yeshi.makemoney.app.vo.AcceptData;
-import net.sf.json.JSONObject;
 import org.aspectj.lang.ProceedingJoinPoint;
 import org.aspectj.lang.annotation.Around;
 import org.aspectj.lang.annotation.Aspect;
-import org.springframework.boot.web.servlet.server.Session;
 import org.springframework.core.annotation.Order;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContext;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Component;
 import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
 import org.yeshi.utils.JsonUtil;
-import org.yeshi.utils.StringUtil;
 
 import javax.annotation.Resource;
-import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpSession;
 import java.io.IOException;
 import java.io.PrintWriter;
-import java.util.*;
 
 //鍚庡彴鎺ュ彛鐩戞帶
 @Component
 @Aspect
 @Order(2)
 public class AdminApiFilter {
+
+    @Resource
+    private AdminRoleRuleService adminRoleRuleService;
 
     public static final String EDP = "execution(* com.yeshi.makemoney.app.controller.admin..*.*(..))";
 
@@ -54,9 +50,10 @@
 
         if (acceptAdminData != null) {
             HttpSession session = servletContainer.getRequest().getSession();
+            String url = servletContainer.getRequest().getRequestURI();
 
             acceptAdminData.setSystem(SystemInfoUtil.getAdminSelectedSystem(session));
-            if (acceptAdminData.getSystem() == null) {
+            if (acceptAdminData.getSystem() == null && !url.endsWith("index.html") && !url.endsWith("login.html")) {
                 PrintWriter out = servletContainer.getResponse().getWriter();
                 out.print(JsonUtil.loadFalseResult(ApiCodeConstant.CODE_ERROR_IN_SERVER, "鏈�夋嫨绯荤粺"));
                 out.close();
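Review bot: The new exemption on the `acceptAdminData.getSystem() == null` check is a suffix match on `getRequestURI()`, which the servlet container returns undecoded and with any path parameters still attached. As written, any route under the admin controller pointcut whose URI merely ends in `index.html` or `login.html` skips the system-selected check, not only the two intended pages. An exact match on the servlet path is tighter: `String path = servletContainer.getRequest().getServletPath();` with `!EXEMPT_PATHS.contains(path)`, where `EXEMPT_PATHS` is a constructed name for a constant set holding the full paths of the two pages. A comment should also say that the exemption covers system selection only and not authentication, because the rest of the method presumably goes on with a null system for these pages. The enclosing method starts and ends outside this hunk, so the return after `out.close()` is not visible here.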
@@ -67,6 +64,10 @@
             if (contextSession != null) {
                 Authentication authentication = contextSession.getAuthentication();
                 AdminUser adminUser = (AdminUser) authentication.getPrincipal();
+                //鍔犺浇鏉冮檺
+                if (adminUser != null && adminUser.getRules() == null) {
+                    adminUser.setRules(adminRoleRuleService.listPaths(adminUser.getAccount()));
+                }
                 acceptAdminData.setAdminUser(adminUser);
             }
 
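Review bot: The rules are loaded only while `adminUser.getRules() == null`, and the principal appears to come from the session's security context, so a role or rule change made after login would not reach an already logged-in admin until the session ends. If revocation has to take effect promptly, reload the rules per request or clear them when roles change; otherwise document the choice, e.g. `// rules are cached on the session principal and refreshed only on re-login`. The new null check also comes after the context line that dereferences `authentication` and casts `getPrincipal()` unchecked, so wrapping the block in `if (authentication != null && authentication.getPrincipal() instanceof AdminUser)` would avoid an NPE or ClassCastException on a session without an admin login. Nothing in this hunk compares the request path with the loaded rules, so enforcement presumably happens elsewhere; the enclosing method continues outside the hunk.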

--
Gitblit v1.8.0