1.add user login pre condition in GlobalInterceptor

1 year ago · a3d61686e6
parent 495669ac84
commit a3d61686e6
3 changed files with 126 additions and 67 deletions
--- a/luoo_user/src/main/java/com/luoo/user/annotation/GlobalInterceptor.java
+++ b/luoo_user/src/main/java/com/luoo/user/annotation/GlobalInterceptor.java
@ -8,5 +8,7 @@ import java.lang.annotation.Target;
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
 public @interface GlobalInterceptor {
 	boolean checkLogin() default false;
 	boolean checkAdminLogin() default false;
    boolean checkParam() default true;
 }
--- a/luoo_user/src/main/java/com/luoo/user/aspect/OperationAspect.java
+++ b/luoo_user/src/main/java/com/luoo/user/aspect/OperationAspect.java
@ -1,10 +1,11 @@
 package com.luoo.user.aspect;
 import java.lang.reflect.Field;
 import java.lang.reflect.Method;
 import java.lang.reflect.Parameter;
 import javax.servlet.http.HttpServletRequest;
 import org.apache.commons.lang3.ArrayUtils;
 import org.aspectj.lang.JoinPoint;
 import org.aspectj.lang.annotation.Aspect;
@ -12,21 +13,32 @@ import org.aspectj.lang.annotation.Before;
 import org.aspectj.lang.reflect.MethodSignature;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
 import com.luoo.user.annotation.GlobalInterceptor;
 import com.luoo.user.annotation.VerifyParam;
 import com.luoo.user.constants.Constants;
 import com.luoo.user.util.VerifyUtils;
 import api.StatusCode;
 import dto.UserLoginDto;
 import exception.BizException;
 import util.JwtUtil;
 import util.StringTools;
@Aspect
@Component("operationAspect")
 public class OperationAspect {
 	static Logger logger = LoggerFactory.getLogger(OperationAspect.class);
-    private static final String[] BASE_TYPE_ARRAY=new String[] {"java.lang.String","java.lang.Integer","java.lang.Long"};
+	private static final String[] BASE_TYPE_ARRAY = new String[] { "java.lang.String", "java.lang.Integer",
 			"java.lang.Long" };
 	@Autowired
 	private JwtUtil jwtUtil;
 	@Before("@annotation(com.luoo.user.annotation.GlobalInterceptor)")
 	public void interceptorDo(JoinPoint point) {
 		Object[] arguments = point.getArgs();
@ -35,10 +47,52 @@ public class OperationAspect {
 		if (null == interceptor) {
 			return;
 		}
 		/**
 		 * 登录校验
 		 */
 		if (interceptor.checkLogin()) {
 			checkLogin();
 		}
 		/**
 		 * 管理用户登录校验
 		 */
 		if (interceptor.checkAdminLogin()) {
 			checkAdminLogin();
 		}
 		/**
 		 * 校验参数
 		 */
 		if (interceptor.checkParam()) {
 			validateParams(method, arguments);
 		}
 	}
 	private void checkAdminLogin() {
 		UserLoginDto userLoginDto = getUserLoginDtoFromToken();
 		if (userLoginDto == null) {
 			throw new BizException(StatusCode.UNAUTHORIZED);
 		}
 		if (!Constants.TOKEN_ROLE_ADMIN_USER.equals(userLoginDto.getRoles())) {
 			throw new BizException(StatusCode.FORBIDDEN);
 		}
 	}
 	private void checkLogin() {
 		UserLoginDto userLoginDto = getUserLoginDtoFromToken();
 		if (userLoginDto == null) {
 			throw new BizException(StatusCode.UNAUTHORIZED);
 		}
 	}
 	private UserLoginDto getUserLoginDtoFromToken() {
 		HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes())
 				.getRequest();
 		String token = request.getHeader("token");
 		return jwtUtil.getUserLoginDto(token);
 	}
 	private void validateParams(Method method, Object[] arguments) {
 		Parameter[] parameters = method.getParameters();
 		for (int i = 0; i < parameters.length; i++) {
@ -56,6 +110,7 @@ public class OperationAspect {
 			}
 		}
 	}
 	private void checkObjValue(Parameter parameter, Object value) {
 		try {
 			String typeName = parameter.getParameterizedType().getTypeName();
@ -83,10 +138,12 @@ public class OperationAspect {
 		if (isEmpty && verifyParam.required()) {
 			throw new BizException(StatusCode.VALIDATE_FAILED);
 		}
-        if(!isEmpty&&(-1!=verifyParam.max()&&verifyParam.max()<length||-1!=verifyParam.min()&&verifyParam.min()>length)) {
+		if (!isEmpty && (-1 != verifyParam.max() && verifyParam.max() < length
 				|| -1 != verifyParam.min() && verifyParam.min() > length)) {
 			throw new BizException(StatusCode.VALIDATE_FAILED);
 		}
-        if(!isEmpty&&!StringTools.isEmpty(verifyParam.regex().getRegex())&&!VerifyUtils.verify(verifyParam.regex(), String.valueOf(value))) {
+		if (!isEmpty && !StringTools.isEmpty(verifyParam.regex().getRegex())
 				&& !VerifyUtils.verify(verifyParam.regex(), String.valueOf(value))) {
 			throw new BizException(StatusCode.VALIDATE_FAILED);
 		}
 	}
--- a/luoo_user/src/main/java/com/luoo/user/controller/AdminController.java
+++ b/luoo_user/src/main/java/com/luoo/user/controller/AdminController.java
@ -98,7 +98,7 @@ public class AdminController {
 	@ApiImplicitParams({
 		@ApiImplicitParam(name = "ids", value = "多个id以','分隔", required = true) })
 	@GetMapping("/ids/{id}")
-	@GlobalInterceptor
+	@GlobalInterceptor(checkAdminLogin=true)
 	public Result<List<Admin>> findAllById(@PathVariable @VerifyParam(required=true) String ids){
 		List<String> idList=Arrays.stream(ids.split(",")).map(String::trim).collect(Collectors.toList());
 		return Result.success(adminService.findAllById(idList));