Merge pull request #93 from geekidea/dev

🚔 优化Shiro方法验证RequiresPermissions

Author: springboot-plus

README-zh.md

@@ -194,6 +194,9 @@ public class SpringBootPlusGenerator {
                 .setGeneratorMapper(true)
                 .setGeneratorMapperXml(true);
 
+        // 是否生成Shiro RequiresPermissions注解
+        codeGenerator.setRequiresPermissions(true);
+
         // 是否覆盖已有文件
         codeGenerator.setFileOverride(true);
 

README.md

@@ -196,6 +196,9 @@ public class SpringBootPlusGenerator {
                 .setGeneratorMapper(true)
                 .setGeneratorMapperXml(true);
 
+        // Generated RequiresPermissions Annotation
+        codeGenerator.setRequiresPermissions(true);
+
         // Overwrite existing file or not
         codeGenerator.setFileOverride(true);
 

docs/db/mysql_spring_boot_plus.sql

@@ -284,7 +284,7 @@
         <!-- Shiro+JWT start -->
         <dependency>
             <groupId>org.apache.shiro</groupId>
-            <artifactId>shiro-spring-boot-starter</artifactId>
+            <artifactId>shiro-spring</artifactId>
             <version>${shiro.version}</version>
         </dependency>
 

pom.xml

@@ -58,6 +58,10 @@ public enum ApiCode {
 
     AUTHENTICATION_EXCEPTION(5104, "登陆授权异常"),
 
+    UNAUTHENTICATED_EXCEPTION(5105, "没有访问权限"),
+
+    UNAUTHORIZED_EXCEPTION(5106, "没有访问权限"),
+
 
     ;
 

src/main/java/io/geekidea/springbootplus/common/api/ApiCode.java

@@ -22,6 +22,8 @@
 import io.geekidea.springbootplus.system.exception.VerificationCodeException;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.authz.UnauthenticatedException;
+import org.apache.shiro.authz.UnauthorizedException;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.converter.HttpMessageNotReadableException;
 import org.springframework.validation.BindingResult;
@@ -147,6 +149,35 @@ public ApiResult authenticationExceptionHandler(AuthenticationException exceptio
                 .setMsg(exception.getMessage());
     }
 
+
+    /**
+     * 未认证异常处理
+     *
+     * @param exception
+     * @return
+     */
+    @ExceptionHandler(value = UnauthenticatedException.class)
+    @ResponseStatus(HttpStatus.OK)
+    public ApiResult unauthenticatedExceptionHandler(UnauthenticatedException exception) {
+        log.error("unauthenticatedException:", exception);
+        return ApiResult.fail(ApiCode.UNAUTHENTICATED_EXCEPTION);
+    }
+
+
+    /**
+     * 未授权异常处理
+     *
+     * @param exception
+     * @return
+     */
+    @ExceptionHandler(value = UnauthorizedException.class)
+    @ResponseStatus(HttpStatus.OK)
+    public ApiResult unauthorizedExceptionHandler(UnauthorizedException exception) {
+        log.error("unauthorizedException:", exception);
+        return ApiResult.fail(ApiCode.UNAUTHORIZED_EXCEPTION);
+    }
+
+
     /**
      * 默认的异常处理
      *

src/main/java/io/geekidea/springbootplus/common/exception/GlobalExceptionHandler.java

@@ -27,6 +27,8 @@
 import io.geekidea.springbootplus.util.IpUtil;
 import lombok.Data;
 import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.ArrayUtils;
+import org.apache.shiro.authz.annotation.*;
 import org.aspectj.lang.ProceedingJoinPoint;
 import org.aspectj.lang.Signature;
 import org.aspectj.lang.reflect.MethodSignature;
@@ -41,6 +43,7 @@
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.lang.annotation.Annotation;
+import java.lang.reflect.AnnotatedType;
 import java.lang.reflect.Method;
 import java.util.*;
 
@@ -147,6 +150,13 @@ public Object handle(ProceedingJoinPoint joinPoint) throws Throwable {
             Annotation[][] annotations = method.getParameterAnnotations();
             boolean isRequestBody = isRequestBody(annotations);
             map.put("isRequestBody", isRequestBody);
+
+            AnnotatedType[] annotatedTypes = method.getAnnotatedParameterTypes();
+            System.out.println(Arrays.toString(annotatedTypes));
+
+            // 获取Shiro注解值，并记录到map中
+            handleShiroAnnotationValue(map, method);
+
             // 设置请求参数
             Object requestParamJson = getRequestParamJsonString(joinPoint, request, requestMethod, contentType, isRequestBody);
             map.put("param", requestParamJson);
@@ -172,6 +182,48 @@ public Object handle(ProceedingJoinPoint joinPoint) throws Throwable {
         return result;
     }
 
+    /**
+     * 获取Shiro注解值，并记录到map中
+     *
+     * @param map
+     * @param method
+     */
+    protected void handleShiroAnnotationValue(Map<String, Object> map, Method method) {
+        RequiresRoles requiresRoles = method.getAnnotation(RequiresRoles.class);
+        if (requiresRoles != null) {
+            String[] requiresRolesValues = requiresRoles.value();
+            if (ArrayUtils.isNotEmpty(requiresRolesValues)) {
+                String requiresRolesString = Arrays.toString(requiresRolesValues);
+                map.put("requiresRoles", requiresRolesString);
+            }
+        }
+
+        RequiresPermissions requiresPermissions = method.getAnnotation(RequiresPermissions.class);
+        if (requiresPermissions != null) {
+            String[] requiresPermissionsValues = requiresPermissions.value();
+            if (ArrayUtils.isNotEmpty(requiresPermissionsValues)) {
+                String requiresPermissionsString = Arrays.toString(requiresPermissionsValues);
+                map.put("requiresPermissions", requiresPermissionsString);
+            }
+        }
+
+        RequiresAuthentication requiresAuthentication = method.getAnnotation(RequiresAuthentication.class);
+        if (requiresAuthentication != null) {
+            map.put("requiresAuthentication", true);
+        }
+
+        RequiresUser requiresUser = method.getAnnotation(RequiresUser.class);
+        if (requiresUser != null) {
+            map.put("requiresUser", true);
+        }
+
+        RequiresGuest requiresGuest = method.getAnnotation(RequiresGuest.class);
+        if (requiresGuest != null) {
+            map.put("requiresGuest", true);
+        }
+
+    }
+
     /**
      * 处理请求参数
      *

src/main/java/io/geekidea/springbootplus/core/aop/AbstractLogAop.java

@@ -0,0 +1,41 @@
+/*
+ * Copyright 2019-2029 geekidea(https://github.com/geekidea)
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.geekidea.springbootplus.scheduled;
+
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.scheduling.annotation.Scheduled;
+import org.springframework.stereotype.Component;
+
+/**
+ * Hello任务调度
+ *
+ * @author geekidea
+ * @date 2019-10-29
+ **/
+@Slf4j
+@Component
+public class HelloScheduled {
+
+    /**
+     * 每小时执行一次
+     */
+    @Scheduled(cron = "0 0 0/1 * * ? ")
+    public void hello() {
+        log.debug("Test Scheduled...");
+    }
+
+}

src/main/java/io/geekidea/springbootplus/scheduled/HelloScheduled.java

@@ -17,8 +17,8 @@
 package io.geekidea.springbootplus.shiro.config;
 
 import com.alibaba.fastjson.JSON;
-import io.geekidea.springbootplus.filter.RequestPathFilter;
 import io.geekidea.springbootplus.core.properties.SpringBootPlusFilterProperties;
+import io.geekidea.springbootplus.filter.RequestPathFilter;
 import io.geekidea.springbootplus.shiro.cache.LoginRedisService;
 import io.geekidea.springbootplus.shiro.exception.ShiroConfigException;
 import io.geekidea.springbootplus.shiro.jwt.JwtCredentialsMatcher;
@@ -126,7 +126,7 @@ public DefaultSubjectDAO subjectDAO() {
      * @return
      */
     @Bean
-    public DefaultWebSecurityManager securityManager(LoginRedisService loginRedisService) {
+    public SecurityManager securityManager(LoginRedisService loginRedisService) {
         DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
         securityManager.setRealm(jwtRealm(loginRedisService));
         securityManager.setSubjectDAO(subjectDAO());

src/main/java/io/geekidea/springbootplus/shiro/config/ShiroConfig.java

@@ -49,7 +49,7 @@ public class LoginController {
     private LoginService loginService;
 
     @PostMapping("/login")
-    @ApiOperation(value = "登陆", notes = "系统用户登陆", response = ApiResult.class)
+    @ApiOperation(value = "登陆", notes = "系统用户登陆", response = LoginSysUserTokenVo.class)
     public ApiResult login(@Valid @RequestBody LoginParam loginParam, HttpServletResponse response) throws Exception {
         LoginSysUserTokenVo loginSysUserTokenVo = loginService.login(loginParam);
         // 设置token响应头