屏蔽权限校验

gateway-service/src/main/java/com/hungraim/ltc/gateway/security/AuthorizationManager.java

@@ -64,35 +64,40 @@ public class AuthorizationManager implements ReactiveAuthorizationManager<Author
         }
 
 
-        // 从缓存取资源权限角色关系列表
-        Map<Object, Object> permissionRoles = redisTemplate.opsForHash().entries(AuthConstants.PERMISSION_ROLES_KEY);
-        Iterator<Object> iterator = permissionRoles.keySet().iterator();
-        // 请求路径匹配到的资源需要的角色权限集合authorities统计
-        Set<String> authorities = new HashSet<>();
-        while (iterator.hasNext()) {
-            String pattern = (String) iterator.next();
-            if (pathMatcher.match(pattern, path)) {
-                authorities.addAll(Convert.toList(String.class, permissionRoles.get(pattern)));
-            }
-        }
-        log.info("require authorities:{}", authorities);
+//        // 从缓存取资源权限角色关系列表
+//        Map<Object, Object> permissionRoles = redisTemplate.opsForHash().entries(AuthConstants.PERMISSION_ROLES_KEY);
+//        Iterator<Object> iterator = permissionRoles.keySet().iterator();
+//        // 请求路径匹配到的资源需要的角色权限集合authorities统计
+//        Set<String> authorities = new HashSet<>();
+//        while (iterator.hasNext()) {
+//            String pattern = (String) iterator.next();
+//            if (pathMatcher.match(pattern, path)) {
+//                authorities.addAll(Convert.toList(String.class, permissionRoles.get(pattern)));
+//            }
+//        }
+//        log.info("require authorities:{}", authorities);
 
-        return mono
-            .filter(Authentication::isAuthenticated)
-            .flatMapIterable(Authentication::getAuthorities)
-            .map(GrantedAuthority::getAuthority)
-            .any(roleId -> {
-                // roleId是请求用户的角色(格式:ROLE_{roleId})，authorities是请求资源所需要角色的集合
-                log.info("访问路径：{}", path);
-                log.info("用户角色信息：{}", roleId);
-                log.info("资源需要权限authorities：{}", authorities);
-                //如果是管理员 直接放行
-                if ("ROLE_0".equals(roleId)) {
-                    return true;
-                }
-                return authorities.contains(roleId);
-            })
-            .map(AuthorizationDecision::new)
-            .defaultIfEmpty(new AuthorizationDecision(false));
+        //认证通过且角色匹配的用户可访问当前路径
+        return mono.map(auth -> {
+            return new AuthorizationDecision(true);
+        }).defaultIfEmpty(new AuthorizationDecision(false));
+
+//        return mono
+//            .filter(Authentication::isAuthenticated)
+//            .flatMapIterable(Authentication::getAuthorities)
+//            .map(GrantedAuthority::getAuthority)
+//            .any(roleId -> {
+//                // roleId是请求用户的角色(格式:ROLE_{roleId})，authorities是请求资源所需要角色的集合
+//                log.info("访问路径：{}", path);
+//                log.info("用户角色信息：{}", roleId);
+//                log.info("资源需要权限authorities：{}", authorities);
+//                //如果是管理员 直接放行
+//                if ("ROLE_0".equals(roleId)) {
+//                    return true;
+//                }
+//                return authorities.contains(roleId);
+//            })
+//            .map(AuthorizationDecision::new)
+//            .defaultIfEmpty(new AuthorizationDecision(false));
     }
 }