调整垂直鉴权

service-manager/src/main/java/com/winsun/intercept/AuthIntercept.java

@@ -4,10 +4,16 @@ import com.alibaba.fastjson.JSON;
 import com.alibaba.fastjson.JSONObject;
 import com.baomidou.mybatisplus.mapper.EntityWrapper;
 import com.netflix.discovery.converters.Auto;
+import com.winsun.auth.core.common.model.ResponseData;
 import com.winsun.auth.core.shiro.ShiroUser;
+import com.winsun.auth.model.common.Menu;
 import com.winsun.item.core.shiro.ShiroKit;
+import com.winsun.item.modular.system.dao.RelationMapper;
+import com.winsun.item.util.LoginUtils;
 import com.winsun.mapper.SysUserMapper;
+import com.winsun.tenpay.util.StringUtil;
 import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 import org.springframework.web.servlet.ModelAndView;
@@ -15,6 +21,7 @@ import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import java.util.List;
 import java.util.Map;
 
 /**
@@ -32,40 +39,49 @@ public class AuthIntercept extends HandlerInterceptorAdapter {
     public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
         try {
             ShiroUser user = ShiroKit.getUser();
-            if (user != null) {
-                log.info("请求测试：" + JSON.toJSONString(user));
-            }
-            else {
+            if (user == null) {
                 log.error("错误");
+                return false;
             }
 
-            Integer integer = sysUserMapper.selectCount(new EntityWrapper<>());
-            log.info("总数：" + integer);
-        }catch (Exception e) {
-            e.printStackTrace();
-        }
+            String security = request.getHeader("security");
 
-        return super.preHandle(request, response, handler);
+            if (StringUtils.isBlank(security)) {
+                log.error("校验权限失败！");
+                return false;
             }
 
-    @Override
-    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
+            List<Integer> roleList = user.getRoleList();
+            if (roleList.size() == 0) {
+                log.error("无权限");
+                return false;
+            }
 
-        try {
-            ShiroUser user = ShiroKit.getUser();
-            if (user != null) {
-                log.info(JSON.toJSONString(user));
+            ResponseData<String> stringResponseData = LoginUtils.pwdDecrypt(security);
+            if (!stringResponseData.isSuccess()) {
+                log.error("鉴权失败");
+                return false;
+            }
+            String data = stringResponseData.getData();
+            List<Menu> roleMenu = sysUserMapper.getRoleMenu(roleList);
+            log.info("data: {}", data);
+            for (Menu menu : roleMenu) {
+                log.info(menu.getUrl());
+                if (StringUtils.equals(menu.getUrl(), data)) {
+                    log.info("获取到相同的菜单");
+                    return true;
                 }
-            else {
-                log.error("错误");
             }
-
-            Integer integer = sysUserMapper.selectCount(new EntityWrapper<>());
-            log.info("总数：" + integer);
         }catch (Exception e) {
             e.printStackTrace();
         }
 
+        return super.preHandle(request, response, handler);
+    }
+
+    @Override
+    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
+
         Map<String, Object> model = modelAndView.getModel();
         log.info("结束信息: {}", JSONObject.toJSONString(model));