lcj/xinnengyuan
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[add] 项目id校验拦截器

Browse Source
This commit is contained in:
lcj
2025-07-08 09:27:48 +08:00
parent 0f9e37b1a8
commit 67ff23e048
2 changed files with 52 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
xinnengyuan/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/common/config/WebMvcConfig.java Normal file
View File

@ -0,0 +1,37 @@
package org.dromara.common.config;
import jakarta.annotation.Resource;
import lombok.Data;
import org.dromara.common.interceptor.ValidProjectInterceptor;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
import java.util.List;
/**
* @author lcj
* @date 2025/7/8 9:06
*/
@Data
@Configuration
@ConfigurationProperties(prefix = "security")
public class WebMvcConfig implements WebMvcConfigurer {
@Resource
private ValidProjectInterceptor validProjectInterceptor;
/**
* 排除路径
*/
private List<String> excludes;
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(validProjectInterceptor)
.addPathPatterns("/**")
.excludePathPatterns(excludes)
.excludePathPatterns("/resource/sse/**", "/auth/**", "/system/user/**", "/project/projectRelevancy/login/list", "/system/menu/getRouters");
}
}

18
xinnengyuan/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/common/interceptor/ValidProjectInterceptor.java
View File

@ -1,9 +1,14 @@
package org.dromara.common.interceptor; package org.dromara.common.interceptor;
import jakarta.annotation.Resource;
import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse; import jakarta.servlet.http.HttpServletResponse;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
import org.aspectj.lang.annotation.Aspect; import org.dromara.common.core.constant.HttpStatus;
import org.dromara.common.core.exception.ServiceException;
import org.dromara.common.core.utils.StringUtils;
import org.dromara.common.satoken.utils.LoginHelper;
import org.dromara.project.service.IBusProjectService;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.HandlerInterceptor;
@ -12,14 +17,21 @@ import org.springframework.web.servlet.HandlerInterceptor;
* @date 2025/7/7 19:57 * @date 2025/7/7 19:57
*/ */
@Slf4j @Slf4j
@Aspect
@Component @Component
public class ValidProjectInterceptor implements HandlerInterceptor { public class ValidProjectInterceptor implements HandlerInterceptor {
@Resource
private IBusProjectService projectService;
// 请求前执行 // 请求前执行
@Override @Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
System.out.println("请求拦截器 preHandleURI = " + request.getRequestURI()); String projectId = request.getHeader("projectId");
Long userId = LoginHelper.getUserId();
if (StringUtils.isBlank(projectId) || userId == null) {
throw new ServiceException("无访问权限", HttpStatus.FORBIDDEN);
}
projectService.validAuth(Long.valueOf(projectId), userId);
// 返回 true 表示继续执行false 则请求被终止 // 返回 true 表示继续执行false 则请求被终止
return true; return true;
} }