diff --git a/youlai-admin/admin-boot/src/main/java/com/youlai/admin/service/impl/SysMenuServiceImpl.java b/youlai-admin/admin-boot/src/main/java/com/youlai/admin/service/impl/SysMenuServiceImpl.java index 0094b1cb2..3d1353b6b 100644 --- a/youlai-admin/admin-boot/src/main/java/com/youlai/admin/service/impl/SysMenuServiceImpl.java +++ b/youlai-admin/admin-boot/src/main/java/com/youlai/admin/service/impl/SysMenuServiceImpl.java @@ -108,12 +108,8 @@ public class SysMenuServiceImpl extends ServiceImpl impl routeVO.setName(menu.getRouteName()); // 根据name路由跳转 this.$router.push({path:xxx}) routeVO.setPath(menu.getRoutePath()); // 根据path路由跳转 this.$router.push({name:xxx}) - - if (SystemConstants.ROOT_MENU_ID.equals(parentId)) { - routeVO.setComponent("Layout"); - } else { - routeVO.setComponent(menu.getComponent()); - } + routeVO.setRedirect(menu.getRedirect()); + routeVO.setComponent(menu.getComponent()); routeVO.setRedirect(menu.getRedirect()); routeVO.setMeta(routeVO.new Meta( menu.getName(), diff --git a/youlai-gateway/src/main/java/com/youlai/gateway/security/ResourceServerConfig.java b/youlai-gateway/src/main/java/com/youlai/gateway/security/ResourceServerConfig.java index 608ecf9ba..85cac50b5 100644 --- a/youlai-gateway/src/main/java/com/youlai/gateway/security/ResourceServerConfig.java +++ b/youlai-gateway/src/main/java/com/youlai/gateway/security/ResourceServerConfig.java @@ -93,7 +93,6 @@ public class ResourceServerConfig { } /** - * @return * @link https://blog.csdn.net/qq_24230139/article/details/105091273 * ServerHttpSecurity没有将jwt中authorities的负载部分当做Authentication * 需要把jwt的Claim中的authorities加入 diff --git a/youlai-gateway/src/main/java/com/youlai/gateway/security/ResourceServerManager.java b/youlai-gateway/src/main/java/com/youlai/gateway/security/ResourceServerManager.java index d31ab1214..b6438ff03 100644 --- a/youlai-gateway/src/main/java/com/youlai/gateway/security/ResourceServerManager.java +++ b/youlai-gateway/src/main/java/com/youlai/gateway/security/ResourceServerManager.java @@ -3,13 +3,10 @@ package com.youlai.gateway.security; import cn.hutool.core.collection.CollectionUtil; import cn.hutool.core.convert.Convert; import cn.hutool.core.util.StrUtil; -import cn.hutool.json.JSON; -import cn.hutool.json.JSONObject; -import cn.hutool.json.JSONUtil; import com.youlai.common.constant.AuthConstants; import com.youlai.common.constant.GlobalConstants; import com.youlai.gateway.component.AdminRoleLocalCache; -import lombok.AllArgsConstructor; +import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Value; import org.springframework.data.redis.core.RedisTemplate; @@ -36,16 +33,17 @@ import java.util.Set; * @date 2020-05-01 */ @Component -@AllArgsConstructor +@RequiredArgsConstructor @Slf4j public class ResourceServerManager implements ReactiveAuthorizationManager { - private RedisTemplate redisTemplate; - private AdminRoleLocalCache adminRoleLocalCache; + private final RedisTemplate redisTemplate; + private final AdminRoleLocalCache adminRoleLocalCache; // 是否演示环境 @Value("${demo}") private Boolean isDemoEnv; + @Override public Mono check(Mono mono, AuthorizationContext authorizationContext) { ServerHttpRequest request = authorizationContext.getExchange().getRequest(); @@ -72,11 +70,11 @@ public class ResourceServerManager implements ReactiveAuthorizationManager permRolesRules = (Map) adminRoleLocalCache.getCache(GlobalConstants.URL_PERM_ROLES_KEY); - if (isDemoEnv){ + if (isDemoEnv) { // 缓存取【URL权限标识->角色集合】权限规则 - if(null==permRolesRules){ + if (null == permRolesRules) { permRolesRules = redisTemplate.opsForHash().entries(GlobalConstants.URL_PERM_ROLES_KEY); - adminRoleLocalCache.setLocalCache(GlobalConstants.URL_PERM_ROLES_KEY,permRolesRules); + adminRoleLocalCache.setLocalCache(GlobalConstants.URL_PERM_ROLES_KEY, permRolesRules); } } @@ -84,16 +82,19 @@ public class ResourceServerManager implements ReactiveAuthorizationManager hasPermissionRoles = CollectionUtil.newHashSet(); // 【声明定义】有权限的角色集合 boolean needToCheck = false; // 【声明定义】是否需要被拦截检查的请求,如果缓存中权限规则中没有任何URL权限标识和此次请求的URL匹配,默认不需要被鉴权 - for (Map.Entry permRoles : permRolesRules.entrySet()) { - String perm = permRoles.getKey(); // 缓存权限规则的键:URL权限标识 - if (pathMatcher.match(perm, restfulPath)) { - List roles = Convert.toList(String.class, permRoles.getValue()); // 缓存权限规则的值:有请求路径访问权限的角色集合 - hasPermissionRoles.addAll(Convert.toList(String.class, roles)); - if (needToCheck == false) { - needToCheck = true; + if (CollectionUtil.isNotEmpty(permRolesRules)) { + for (Map.Entry ruleEntry : permRolesRules.entrySet()) { + String perm = ruleEntry.getKey(); // 缓存权限规则的键:URL权限标识 + if (pathMatcher.match(perm, restfulPath)) { + List roles = Convert.toList(String.class, ruleEntry.getValue()); // 缓存权限规则的值:有请求路径访问权限的角色集合 + hasPermissionRoles.addAll(Convert.toList(String.class, roles)); + if (needToCheck == false) { + needToCheck = true; + } } } } + log.info("拥有接口访问权限的角色:{}", hasPermissionRoles.toString()); // 没有设置权限规则放行;注:如果默认想拦截所有的请求请移除needToCheck变量逻辑即可,根据需求定制 if (needToCheck == false) { diff --git a/youlai-gateway/src/main/java/com/youlai/gateway/security/SecurityGlobalFilter.java b/youlai-gateway/src/main/java/com/youlai/gateway/security/SecurityGlobalFilter.java index 953c3d4f6..e1ac9db51 100644 --- a/youlai-gateway/src/main/java/com/youlai/gateway/security/SecurityGlobalFilter.java +++ b/youlai-gateway/src/main/java/com/youlai/gateway/security/SecurityGlobalFilter.java @@ -7,6 +7,7 @@ import com.nimbusds.jose.JWSObject; import com.youlai.common.constant.AuthConstants; import com.youlai.common.result.ResultCode; import com.youlai.gateway.util.ResponseUtils; +import lombok.RequiredArgsConstructor; import lombok.SneakyThrows; import lombok.extern.slf4j.Slf4j; import org.apache.logging.log4j.util.Strings; @@ -30,11 +31,11 @@ import reactor.core.publisher.Mono; * @date 2020-06-12 */ @Component +@RequiredArgsConstructor @Slf4j public class SecurityGlobalFilter implements GlobalFilter, Ordered { - @Autowired - private RedisTemplate redisTemplate; + private final RedisTemplate redisTemplate; // 是否演示环境 @Value("${demo}")