|
@@ -30,6 +30,7 @@ import reactor.core.publisher.Mono;
|
|
|
import javax.annotation.Resource;
|
|
|
import java.util.List;
|
|
|
import java.util.Map;
|
|
|
+import java.util.Set;
|
|
|
|
|
|
/**
|
|
|
* 网关鉴权
|
|
@@ -45,6 +46,7 @@ public class AuthFilter implements GlobalFilter, Ordered {
|
|
|
private final static String URL_REPORT = "/report/";
|
|
|
/*** 角色表中 role_key ****/
|
|
|
private final static String REPORT_ROLE_KEY = "report_manager";
|
|
|
+ private final static String ADMIN_PERMISSIONS = "*:*:*";
|
|
|
|
|
|
// 排除过滤的 uri 地址,nacos自行添加
|
|
|
@Autowired
|
|
@@ -84,13 +86,17 @@ public class AuthFilter implements GlobalFilter, Ordered {
|
|
|
}
|
|
|
|
|
|
// 报表的接口重新过滤定义
|
|
|
- if (url.contains(URL_JMREPORT) || url.contains(URL_REPORT)) {
|
|
|
- JSONArray roles = obj.getJSONArray("roles");
|
|
|
- if (!roles.contains(REPORT_ROLE_KEY)) {
|
|
|
- return setUnauthorizedResponse(exchange, "您无权限,请联系管理员");
|
|
|
+ Set<String> permissions = (Set<String>) obj.get("permissions");
|
|
|
+ if(!permissions.contains(ADMIN_PERMISSIONS)) {
|
|
|
+ if (url.contains(URL_JMREPORT) || url.contains(URL_REPORT)) {
|
|
|
+ JSONArray roles = obj.getJSONArray("roles");
|
|
|
+ if (!roles.contains(REPORT_ROLE_KEY)) {
|
|
|
+ return setUnauthorizedResponse(exchange, "您无权限,请联系管理员");
|
|
|
+ }
|
|
|
}
|
|
|
}
|
|
|
|
|
|
+
|
|
|
// 设置过期时间
|
|
|
redisService.expire(getTokenKey(token), EXPIRE_TIME);
|
|
|
// 设置用户信息到请求
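Review bot: The unchecked cast `(Set<String>) obj.get("permissions")` on the first added line runs for every request that reaches this point, not only report URLs, and the next line dereferences the result without a null check. `obj` is not declared in this hunk, but the `obj.getJSONArray("roles")` call just below suggests a parsed JSON object; if so, an array value comes back as a `JSONArray` (a `List`) and the cast throws `ClassCastException`, while a session entry without a `permissions` key throws `NullPointerException`, so either case would fail every request passing through this gateway filter. Reading the value the same way as `roles` avoids both: `JSONArray permissions = obj.getJSONArray("permissions");` followed by `if (permissions == null || !permissions.contains(ADMIN_PERMISSIONS)) {`. A short comment on `ADMIN_PERMISSIONS` stating that holders of `*:*:*` skip the report role check entirely would also help, since that is an authorization bypass by design and should be visible to the next reader. The enclosing filter method starts and ends outside the hunk.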
|