diff --git a/src/main/java/com/easysoftware/adapter/query/ApplicationVersionQueryAdapter.java b/src/main/java/com/easysoftware/adapter/query/ApplicationVersionQueryAdapter.java
index 70649775d4e70cabc473ba4b3fabcdbe41793d13..f49f6ba899b51e0e5bfb6fdda12baf5ffe5d043b 100644
--- a/src/main/java/com/easysoftware/adapter/query/ApplicationVersionQueryAdapter.java
+++ b/src/main/java/com/easysoftware/adapter/query/ApplicationVersionQueryAdapter.java
@@ -12,8 +12,14 @@ package com.easysoftware.adapter.query;
 import com.easysoftware.common.account.UerPermissionDef;
+import com.easysoftware.common.account.UserPermission;
 import com.easysoftware.common.annotation.PreUserPermission;
+import com.easysoftware.common.entity.MessageCode;
+import com.easysoftware.common.utils.ResultUtil;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -25,15 +31,33 @@ import com.easysoftware.common.aop.RequestLimitRedis;
 import jakarta.validation.Valid;
+import java.util.HashMap;
+
 @RestController
 @RequestMapping("/appVersion")
 public class ApplicationVersionQueryAdapter {
+ /**
+ * Logger for ApplicationVersionQueryAdapter.
+ */
+ private static final Logger LOGGER = LoggerFactory.getLogger(ApplicationVersionQueryAdapter.class);
+
 /**
 * Autowired service for handling application version-related operations.
 */
 @Autowired
 private ApplicationVersionService appVersionService;
+ /**
+ * Autowired UserPermission for check user permission.
+ */
+ @Autowired
+ private UserPermission userPermission;
+
+ /**
+ * Define current functional permissions.
+ */
+ private static final String[] REQUIRE_PERMISSIONS = {UerPermissionDef.USER_PERMISSION_READ};
+
 /**
 * Endpoint to search for application versions based on the provided search
 * condition.
@@ -63,4 +87,29 @@ public class ApplicationVersionQueryAdapter {
 // 检查会话权限
 return appVersionService.searchAppVerColumn(condition);
 }
+
+ /**
+ * Check if the user has permission to access.
+ *
+ * @return ResponseEntity.
+ */
+ @GetMapping("/permission")
+ @RequestLimitRedis()
+ public ResponseEntity checkPermission() {
+ HashMap result = new HashMap<>();
+ try {
+ /* 检查用户权限 */
+ boolean permissionFlag = userPermission.checkUserPermission(REQUIRE_PERMISSIONS);
+
+ if (permissionFlag) {
+ result.put("allow_access", Boolean.TRUE);
+ } else {
+ result.put("allow_access", Boolean.FALSE);
+ }
+ return ResultUtil.success(HttpStatus.OK, result);
+ } catch (Exception e) {
+ LOGGER.error("Authentication exception");
+ return ResultUtil.fail(HttpStatus.UNAUTHORIZED, MessageCode.EC00020);
+ }
+ }
 }
diff --git a/src/main/java/com/easysoftware/common/account/UserPermission.java b/src/main/java/com/easysoftware/common/account/UserPermission.java
index e9e2666a9e60f53c32aedb8b442da300865eed33..051f025866ac95da9b4069ec2a16096374e77860 100644
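Review bot: The `catch (Exception e)` at the end of `checkPermission` discards the exception and answers 401 for every failure, so a fault in the permission lookup is indistinguishable from an unauthenticated caller, both for the client and for anyone reading the log. Pass the throwable to the logger, `LOGGER.error("Authentication exception", e);`, once it is confirmed that the exception text cannot carry the session token. `REQUIRE_PERMISSIONS` is declared separately from whatever the `@PreUserPermission` annotations on the search endpoints presumably require (those annotations are outside the hunk), so the value reported here can drift from the one enforced; a shared constant would keep them aligned. The if/else can be reduced to `result.put("allow_access", permissionFlag);`.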
--- a/src/main/java/com/easysoftware/common/account/UserPermission.java
+++ b/src/main/java/com/easysoftware/common/account/UserPermission.java
@@ -52,6 +52,27 @@ public class UserPermission {
 @Value("${cookie.token.name}")
 private String cookieTokenName;
+ /**
+ * check user permission.
+ * @param requirePermissions required user Permissions.
+ * @return Permission matching results.
+ */
+ public boolean checkUserPermission(String[] requirePermissions) {
+ /* 访问权限要求为空 */
+ if (Objects.isNull(requirePermissions) || 0 == requirePermissions.length) {
+ return true;
+ }
+
+ /* 获取客户权限 */
+ HashSet permissionSet = this.getPermissionList();
+ if (Objects.isNull(permissionSet) || permissionSet.isEmpty()) {
+ return false;
+ }
+
+ /* 检查客户权限是否满足访问权限 */
+ return Arrays.stream(requirePermissions).anyMatch(permissionSet::contains);
+ }
+
 /**
 * Get user permission by user token and manage token.
 * @return Collection of user permissions.
diff --git a/src/main/java/com/easysoftware/common/aop/PreUserPermissionAspect.java b/src/main/java/com/easysoftware/common/aop/PreUserPermissionAspect.java
index 694550ee6090c7788dd2f695ae17c6a3007d4123..af11c7bbf6d728adfb2fee40e908c4a1c6e15dde 100644
--- a/src/main/java/com/easysoftware/common/aop/PreUserPermissionAspect.java
+++ b/src/main/java/com/easysoftware/common/aop/PreUserPermissionAspect.java
@@ -15,8 +15,6 @@ import org.springframework.http.HttpStatus;
 import org.springframework.stereotype.Component;
 import java.lang.reflect.Method;
-import java.util.HashSet;
-import java.util.Objects;
 @Aspect
 @Component
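Review bot: `checkUserPermission` fails open: a null or empty `requirePermissions` returns true before `getPermissionList()` is consulted, and the Javadoc does not say so. That matches the aspect's earlier behaviour for an annotation without values, but the method is now public, and a caller that passes an empty array by mistake is granted access. The Javadoc should state both rules, for example `@return true when requirePermissions is null or empty (no restriction) or when the user holds at least one of the listed permissions; false otherwise`. Since an annotation's `value()` never returns null, returning false for a null argument would close the accidental case without affecting the aspect.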
@@ -48,24 +46,12 @@ public class PreUserPermissionAspect {
 PreUserPermission preUserPermission = method.getAnnotation(PreUserPermission.class);
 String[] paramValues = preUserPermission.value();
- /* 方法使用注解,如果未指定参数,默认无权限控制;否则,进行权限检查 */
- if (!Objects.isNull(paramValues) && 0 != paramValues.length) {
- /* 获取客户权限 */
- HashSet permissionSet = userPermission.getPermissionList();
+ /* 检查客户权限是否满足访问权限 */
+ boolean permissionFlag = userPermission.checkUserPermission(paramValues);
- /* 检查客户权限是否满足访问权限 */
- boolean permissionFlag = false;
- for (String item : paramValues) {
- if (permissionSet.contains(item)) {
- permissionFlag = true;
- break;
- }
- }
-
- if (!permissionFlag) {
- LOGGER.error("Insufficient permissions");
- return ResultUtil.fail(HttpStatus.UNAUTHORIZED, MessageCode.EC00019);
- }
+ if (!permissionFlag) {
+ LOGGER.error("Insufficient permissions");
+ return ResultUtil.fail(HttpStatus.FORBIDDEN, MessageCode.EC00019);
 }
 } catch (Exception e) {
 LOGGER.error("Authentication exception");
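Review bot: The denial branch logs only `"Insufficient permissions"`, which gives no way to tell which endpoint was refused or which permission was missing when access-control failures are reviewed. `method` and `paramValues` are both in scope, so the line could be `LOGGER.error("Insufficient permissions: method={}, required={}", method.getName(), String.join(",", paramValues));`, keeping the token and the user's permission set out of the message. Moving this branch from 401 to 403 changes the status existing clients see for a denied request, and whether a missing or invalid token still yields 401 depends on `getPermissionList()` throwing, which is not visible here. The enclosing advice method starts and ends outside the hunk.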