Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
L
long-tern-care-service
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
hubin
long-tern-care-service
Commits
38d86c17
Commit
38d86c17
authored
Mar 21, 2022
by
liuxun
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
屏蔽权限校验
parent
be71146d
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
34 additions
and
29 deletions
+34
-29
AuthorizationManager.java
...m/hungraim/ltc/gateway/security/AuthorizationManager.java
+34
-29
No files found.
gateway-service/src/main/java/com/hungraim/ltc/gateway/security/AuthorizationManager.java
View file @
38d86c17
...
@@ -64,35 +64,40 @@ public class AuthorizationManager implements ReactiveAuthorizationManager<Author
...
@@ -64,35 +64,40 @@ public class AuthorizationManager implements ReactiveAuthorizationManager<Author
}
}
// 从缓存取资源权限角色关系列表
//
// 从缓存取资源权限角色关系列表
Map
<
Object
,
Object
>
permissionRoles
=
redisTemplate
.
opsForHash
().
entries
(
AuthConstants
.
PERMISSION_ROLES_KEY
);
//
Map<Object, Object> permissionRoles = redisTemplate.opsForHash().entries(AuthConstants.PERMISSION_ROLES_KEY);
Iterator
<
Object
>
iterator
=
permissionRoles
.
keySet
().
iterator
();
//
Iterator<Object> iterator = permissionRoles.keySet().iterator();
// 请求路径匹配到的资源需要的角色权限集合authorities统计
//
// 请求路径匹配到的资源需要的角色权限集合authorities统计
Set
<
String
>
authorities
=
new
HashSet
<>();
//
Set<String> authorities = new HashSet<>();
while
(
iterator
.
hasNext
())
{
//
while (iterator.hasNext()) {
String
pattern
=
(
String
)
iterator
.
next
();
//
String pattern = (String) iterator.next();
if
(
pathMatcher
.
match
(
pattern
,
path
))
{
//
if (pathMatcher.match(pattern, path)) {
authorities
.
addAll
(
Convert
.
toList
(
String
.
class
,
permissionRoles
.
get
(
pattern
)));
//
authorities.addAll(Convert.toList(String.class, permissionRoles.get(pattern)));
}
//
}
}
//
}
log
.
info
(
"require authorities:{}"
,
authorities
);
//
log.info("require authorities:{}", authorities);
return
mono
//认证通过且角色匹配的用户可访问当前路径
.
filter
(
Authentication:
:
isAuthenticated
)
return
mono
.
map
(
auth
->
{
.
flatMapIterable
(
Authentication:
:
getAuthorities
)
return
new
AuthorizationDecision
(
true
);
.
map
(
GrantedAuthority:
:
getAuthority
)
}).
defaultIfEmpty
(
new
AuthorizationDecision
(
false
));
.
any
(
roleId
->
{
// roleId是请求用户的角色(格式:ROLE_{roleId}),authorities是请求资源所需要角色的集合
// return mono
log
.
info
(
"访问路径:{}"
,
path
);
// .filter(Authentication::isAuthenticated)
log
.
info
(
"用户角色信息:{}"
,
roleId
);
// .flatMapIterable(Authentication::getAuthorities)
log
.
info
(
"资源需要权限authorities:{}"
,
authorities
);
// .map(GrantedAuthority::getAuthority)
//如果是管理员 直接放行
// .any(roleId -> {
if
(
"ROLE_0"
.
equals
(
roleId
))
{
// // roleId是请求用户的角色(格式:ROLE_{roleId}),authorities是请求资源所需要角色的集合
return
true
;
// log.info("访问路径:{}", path);
}
// log.info("用户角色信息:{}", roleId);
return
authorities
.
contains
(
roleId
);
// log.info("资源需要权限authorities:{}", authorities);
})
// //如果是管理员 直接放行
.
map
(
AuthorizationDecision:
:
new
)
// if ("ROLE_0".equals(roleId)) {
.
defaultIfEmpty
(
new
AuthorizationDecision
(
false
));
// return true;
// }
// return authorities.contains(roleId);
// })
// .map(AuthorizationDecision::new)
// .defaultIfEmpty(new AuthorizationDecision(false));
}
}
}
}
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment