Merge branch 'master' into dev

# Conflicts: # pig-common/pig-common-security/src/main/java/com/pig4cloud/pig/common/security/component/PigSecurityInnerAspect.java
2024-12-31 08:14:18 +08:00 · 2023-08-17 16:01:55 +08:00 · 2023-08-17 16:01:55 +08:00 · 6b0aae7d26
commit 6b0aae7d26
parent 71ad776a42 e427126bcc
3 changed files with 12 additions and 7 deletions
--- a/README.md
+++ b/README.md
@ -21,7 +21,7 @@

 [ 配套视频 tv.pig4cloud.com](https://www.bilibili.com/video/BV12t411B7e9)

-[PIGX 在线体验 pigx.pig4cloud.com](http://pigx.pig4cloud.com)
+[PIGX 在线体验 pigx.pigx.top](http://pigx.pigx.top)

 [产品白皮书 paper.pig4cloud.com](https://paper.pig4cloud.com)

--- a/pig-common/pig-common-bom/pom.xml
+++ b/pig-common/pig-common-bom/pom.xml
@ -21,7 +21,7 @@
        <maven.compiler.source>1.8</maven.compiler.source>
        <maven.compiler.target>1.8</maven.compiler.target>
        <git.commit.plugin>4.9.9</git.commit.plugin>
-        <spring.checkstyle.plugin>0.0.34</spring.checkstyle.plugin>
+        <spring.checkstyle.plugin>0.0.38</spring.checkstyle.plugin>
        <fastjson.version>1.2.83</fastjson.version>
        <springdoc.version>1.6.9</springdoc.version>
        <swagger.core.version>2.2.0</swagger.core.version>
--- a/pig-common/pig-common-security/src/main/java/com/pig4cloud/pig/common/security/component/PigSecurityInnerAspect.java
+++ b/pig-common/pig-common-security/src/main/java/com/pig4cloud/pig/common/security/component/PigSecurityInnerAspect.java
@ -21,9 +21,9 @@ import com.pig4cloud.pig.common.security.annotation.Inner;
 import lombok.RequiredArgsConstructor;
 import lombok.SneakyThrows;
 import lombok.extern.slf4j.Slf4j;
-import org.aspectj.lang.ProceedingJoinPoint;
-import org.aspectj.lang.annotation.Around;
+import org.aspectj.lang.JoinPoint;
 import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.annotation.Before;
 import org.springframework.core.Ordered;
 import org.springframework.security.access.AccessDeniedException;

@ -43,14 +43,19 @@ public class PigSecurityInnerAspect implements Ordered {
 	private final HttpServletRequest request;

 	@SneakyThrows
-	@Around("@within(inner) || @annotation(inner)")
-	public Object around(ProceedingJoinPoint point, Inner inner) {
+	@Before("@within(inner) || @annotation(inner)")
+	public void around(JoinPoint point, Inner inner) {
+		// 实际注入的inner实体由表达式后一个注解决定，即是方法上的@Inner注解实体，若方法上无@Inner注解，则获取类上的
+		// 这段代码没有意义，拦截的就是@Inner注解，怎么会为null呢
+		// if (inner == null) {
+		// Class<?> clazz = point.getTarget().getClass();
+		// inner = AnnotationUtils.findAnnotation(clazz, Inner.class);
+		// }
 		String header = request.getHeader(SecurityConstants.FROM);
 		if (inner.value() && !SecurityConstants.FROM_IN.equals(header)) {
 			log.warn("访问接口 {} 没有权限", point.getSignature().getName());
 			throw new AccessDeniedException("Access is denied");
 		}
-		return point.proceed();
 	}

 	@Override