最新产品
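--- a/src/main/java/com/yj/earth/aspect/EncryptResponseAspect.java
+++ b/src/main/java/com/yj/earth/aspect/EncryptResponseAspect.java
@@ -0,0 +1,64 @@
+package com.yj.earth.aspect;
+
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.yj.earth.annotation.EncryptResponse;
+import com.yj.earth.common.util.AesEncryptUtil;
+import com.yj.earth.common.util.ApiResponse;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.aspectj.lang.ProceedingJoinPoint;
+import org.aspectj.lang.annotation.Around;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.annotation.Pointcut;
+import org.springframework.core.env.Environment;
+import org.springframework.stereotype.Component;
+
+/**
+* 响应加密切面: 拦截 @EncryptResponse 注解的方法、对返回结果进行加密
+*/
+@Slf4j
+@Aspect
+@Component
+@RequiredArgsConstructor
+public class EncryptResponseAspect {
+
+private final ObjectMapper objectMapper;
+private final Environment environment;
+
+/**
+* 定义切点: 拦截所有被 @EncryptResponse 标记的方法
+*/
+@Pointcut("@annotation(encryptResponse)")
+public void pointCut(EncryptResponse encryptResponse) {}
+
+/**
+* 环绕通知: 对方法返回结果进行加密处理
+*/
+@Around("pointCut(encryptResponse)")
+public Object around(ProceedingJoinPoint joinPoint, EncryptResponse encryptResponse) throws Throwable {
+// 执行原方法、获取返回结果
+Object result = joinPoint.proceed();
+
+// 从配置文件获取密钥
+String key = environment.getProperty(encryptResponse.keyProperty());
+if (key == null || key.isEmpty()) {
+log.error("加密密钥未配置、keyProperty: {}", encryptResponse.keyProperty());
+throw new RuntimeException("加密密钥未配置");
+}
+
+// 将返回结果转为JSON字符串
+String jsonResult;
+try {
+jsonResult = objectMapper.writeValueAsString(result);
+} catch (JsonProcessingException e) {
+log.error("返回结果转JSON失败", e);
+throw new RuntimeException("返回结果序列化失败");
+}
+
+// 执行加密
+String encryptedResult = AesEncryptUtil.encrypt(jsonResult, key, encryptResponse.algorithm());
+log.debug("接口返回结果已加密、原始长度: {}、加密后长度: {}", jsonResult.length(), encryptedResult.length());
+return ApiResponse.success(encryptedResult);
+}
+}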
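Review bot: `return ApiResponse.success(encryptedResult)` at the end of around() wraps whatever the target method returned, so if the target (or an inner advice such as the RoleAccessAspect added in this commit) returns an `ApiResponse.failure(...)`, that failure would be serialized, encrypted and reported to the client inside a success envelope. Neither aspect declares an order, so which one runs outermost on a method carrying both annotations is not fixed by this code; an explicit `@Order` on each aspect would make it deterministic. `AesEncryptUtil.encrypt` is not shown on this page, so it is worth confirming that no value of `encryptResponse.algorithm()` can select an unauthenticated or fixed-IV mode. The catch block should also keep the cause: `throw new RuntimeException("返回结果序列化失败", e);`.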
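--- a/src/main/java/com/yj/earth/aspect/RoleAccessAspect.java
+++ b/src/main/java/com/yj/earth/aspect/RoleAccessAspect.java
@@ -0,0 +1,78 @@
+package com.yj.earth.aspect;
+
+import cn.dev33.satoken.stp.StpUtil;
+import com.yj.earth.annotation.RoleAccess;
+import com.yj.earth.business.domain.User;
+import com.yj.earth.business.domain.Role;
+import com.yj.earth.business.service.UserService;
+import com.yj.earth.business.service.RoleService;
+import com.yj.earth.common.util.ApiResponse;
+import org.aspectj.lang.ProceedingJoinPoint;
+import org.aspectj.lang.annotation.Around;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.reflect.MethodSignature;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+import javax.annotation.Resource;
+import java.lang.reflect.Method;
+
+/**
+* 角色访问控制切面
+*/
+@Aspect
+@Component
+public class RoleAccessAspect {
+
+@Resource
+private UserService userService;
+
+@Resource
+private RoleService roleService;
+
+/**
+* 环绕通知、验证角色权限
+*/
+@Around("@annotation(com.yj.earth.annotation.RoleAccess)")
+public Object around(ProceedingJoinPoint joinPoint) throws Throwable {
+// 获取当前登录用户ID
+if (!StpUtil.isLogin()) {
+return ApiResponse.failure("请先登录");
+}
+String userId = StpUtil.getLoginIdAsString();
+
+// 获取用户信息
+User user = userService.getById(userId);
+if (user == null) {
+return ApiResponse.failure("用户不存在");
+}
+
+// 获取用户角色信息
+Role role = roleService.getById(user.getRoleId());
+if (role == null) {
+return ApiResponse.failure("用户角色不存在");
+}
+
+// 获取注解信息
+MethodSignature signature = (MethodSignature) joinPoint.getSignature();
+Method method = signature.getMethod();
+RoleAccess roleAccess = method.getAnnotation(RoleAccess.class);
+String[] allowedRoles = roleAccess.roleNames();
+
+// 验证角色是否有权限
+boolean hasPermission = false;
+for (String roleName : allowedRoles) {
+if (roleName.equals(role.getRoleName())) {
+hasPermission = true;
+break;
+}
+}
+
+if (!hasPermission) {
+return ApiResponse.failure("没有访问权限、需要角色: " + String.join(",", allowedRoles));
+}
+
+// 有权限、执行原方法
+return joinPoint.proceed();
+}
+}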
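Review bot: `method.getAnnotation(RoleAccess.class)` in around() can return null when `signature.getMethod()` resolves to an interface method rather than the annotated implementation (the JDK-proxy case), and the next line dereferences it without a check. Binding the annotation in the pointcut, as EncryptResponseAspect in this commit does, removes the reflection: `@Around("@annotation(roleAccess)")` with `public Object around(ProceedingJoinPoint joinPoint, RoleAccess roleAccess)`. The denial branch also echoes `String.join(",", allowedRoles)` to a caller who has just failed the check; returning a generic `ApiResponse.failure("没有访问权限")` and writing the required roles to the server log keeps the role model out of the response. Because every rejection is a normal return value rather than an exception, an annotated method whose declared return type is not compatible with `ApiResponse` would presumably fail with a cast error instead of a clean denial, which is worth documenting on the annotation. The `Autowired` import is unused in this file.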