lql
/
fj-dc


			
				
					
						
						
							12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697
							package cn.com.goldenwater.dcproj.target;

import cn.com.goldenwater.dcproj.constValue.CommonLabel;
import cn.com.goldenwater.dcproj.dto.LoginUser;
import cn.com.goldenwater.dcproj.model.BisInspPersOrg;
import cn.com.goldenwater.dcproj.param.BisInspPersOrgParam;
import cn.com.goldenwater.dcproj.service.BisInspPersOrgService;
import cn.com.goldenwater.dcproj.service.ErrorService;
import cn.com.goldenwater.dcproj.utils.JWTTokenUtil;
import cn.com.goldenwater.dcproj.utils.RequestUtils;
import cn.com.goldenwater.dcproj.utils.ReturnUtils;
import org.apache.commons.lang3.StringUtils;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Pointcut;
import org.aspectj.lang.reflect.MethodSignature;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.lang.reflect.Method;

@Aspect
@Component("authorityAop")
public class AuthorityAop {

    @Value("${intercept.enable}")
    private boolean interceptEnable;
    @Autowired
    private RedisTemplate redisTemplate;
    @Autowired
    private ErrorService errorService;
    @Autowired
    private BisInspPersOrgService bisInspPersOrgService;

    @Pointcut(value = "@annotation(cn.com.goldenwater.dcproj.target.Authority)")
    public void authorityAop() {
    }

    @Around("authorityAop()")
    public Object doaround(ProceedingJoinPoint pjp) throws Throwable {
        MethodSignature signature = (MethodSignature) pjp.getSignature();
        Method method = signature.getMethod();
        Authority authority = method.getAnnotation(Authority.class);
        if (authority != null && interceptEnable) {
            HttpServletResponse response = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getResponse();
            HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
            String persId = request.getHeader(CommonLabel.PERSID);
            String roles = authority.roles();
            String uuid = request.getHeader(CommonLabel.ACCESS_TOKEN);
            // 判断请求是否有含有 accessToken
            if (StringUtils.isBlank(uuid)) {
                errorService.addErrorMsg("accessToken is null", request);
                return ReturnUtils.retFileResponse(9991, CommonLabel.NO_PREMISSION);
            }
            // 获取登录用户
            String accessToken = (String) redisTemplate.opsForValue().get(uuid);
            LoginUser inspAllRlationPers = JWTTokenUtil.unsign(accessToken, persId);
            if (inspAllRlationPers == null) {
                return ReturnUtils.retFileResponse(9999, "请退出后重新登录!!");
            }
            BisInspPersOrgParam bisInspPersOrgParam = new BisInspPersOrgParam();
            String orgId = request.getHeader(CommonLabel.ORGId);
            bisInspPersOrgParam.setOrgId(orgId);
            bisInspPersOrgParam.setPersId(inspAllRlationPers.getPersId());
            BisInspPersOrg bisInspPersOrg = bisInspPersOrgService.getBy(bisInspPersOrgParam);

            if ("1".equals(roles)) {
                // 管理员操作
                if (!"1".equals(bisInspPersOrg.getUserType())) {
                    // 用户无权限操作此接口
                    errorService.addErrorMsg("用户无权限操作此接口! persType[" + bisInspPersOrg.getUserType() + "]", request);
                    return ReturnUtils.retFileResponse(9991, CommonLabel.NO_PREMISSION);
                }
            } else {
                // Questions ???
                String paramPersId = RequestUtils.getPersId(request, response);
                if (StringUtils.isNotBlank(paramPersId)) {
                    if (!persId.equals(paramPersId)) {
                        errorService.addErrorMsg("persId is not eq:{persId:" + persId + ",paramPersId:+" + paramPersId + "}", request);
                        return ReturnUtils.retFileResponse(9991, CommonLabel.NO_PREMISSION);
                    }
                }
            }

        }

        return pjp.proceed();
    }

}