|
|
@@ -1,17 +1,22 @@
|
|
|
package com.uas.platform.b2b.filter;
|
|
|
|
|
|
-import java.util.ArrayList;
|
|
|
-import java.util.Collection;
|
|
|
-import java.util.HashMap;
|
|
|
-import java.util.HashSet;
|
|
|
-import java.util.Iterator;
|
|
|
-import java.util.List;
|
|
|
-import java.util.Map;
|
|
|
-import java.util.Set;
|
|
|
-
|
|
|
-import javax.servlet.http.HttpServletRequest;
|
|
|
-import javax.servlet.http.HttpServletResponse;
|
|
|
-
|
|
|
+import com.uas.platform.b2b.dao.ResourceItemDao;
|
|
|
+import com.uas.platform.b2b.manage.service.AccessTokenService;
|
|
|
+import com.uas.platform.b2b.model.*;
|
|
|
+import com.uas.platform.b2b.service.EnterpriseService;
|
|
|
+import com.uas.platform.b2b.service.RoleService;
|
|
|
+import com.uas.platform.b2b.service.SigninLogService;
|
|
|
+import com.uas.platform.b2b.service.UserService;
|
|
|
+import com.uas.platform.b2b.support.SecurityConstant;
|
|
|
+import com.uas.platform.b2b.support.SystemSession;
|
|
|
+import com.uas.platform.b2b.support.UserCreater;
|
|
|
+import com.uas.platform.core.model.Constant;
|
|
|
+import com.uas.platform.core.util.AgentUtils;
|
|
|
+import com.uas.platform.core.util.encry.Md5Utils;
|
|
|
+import com.uas.platform.core.util.serializer.FlexJsonUtils;
|
|
|
+import com.uas.sso.SSOHelper;
|
|
|
+import com.uas.sso.SSOToken;
|
|
|
+import com.uas.sso.web.spring.AbstractSSOInterceptor;
|
|
|
import org.apache.commons.collections.CollectionUtils;
|
|
|
import org.apache.log4j.Logger;
|
|
|
import org.springframework.beans.factory.annotation.Autowired;
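Review bot: The regrouped imports replace eight explicit model imports with `import com.uas.platform.b2b.model.*;`, and the hunk at `@@ -29,28 +34,10 @@` does the same with `import java.util.*;`. In a security filter it helps to see exactly which model and collection types are in play, and two on-demand imports can become ambiguous if the model package ever gains a type named like a `java.util` one. Keeping the explicit form, e.g. `import com.uas.platform.b2b.model.User;` and `import java.util.Collection;`, avoids both problems.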
|
|
|
@@ -29,28 +34,10 @@ import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
|
|
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
|
|
import org.springframework.util.StringUtils;
|
|
|
|
|
|
-import com.uas.platform.b2b.dao.ResourceItemDao;
|
|
|
-import com.uas.platform.b2b.manage.service.AccessTokenService;
|
|
|
-import com.uas.platform.b2b.model.Enterprise;
|
|
|
-import com.uas.platform.b2b.model.ResourceItem;
|
|
|
-import com.uas.platform.b2b.model.Role;
|
|
|
-import com.uas.platform.b2b.model.SigninLog;
|
|
|
-import com.uas.platform.b2b.model.User;
|
|
|
-import com.uas.platform.b2b.model.Vendor;
|
|
|
-import com.uas.platform.b2b.service.EnterpriseService;
|
|
|
-import com.uas.platform.b2b.service.RoleService;
|
|
|
-import com.uas.platform.b2b.service.SigninLogService;
|
|
|
-import com.uas.platform.b2b.service.UserService;
|
|
|
-import com.uas.platform.b2b.support.SecurityConstant;
|
|
|
-import com.uas.platform.b2b.support.SystemSession;
|
|
|
-import com.uas.platform.b2b.support.UserCreater;
|
|
|
-import com.uas.platform.core.model.Constant;
|
|
|
-import com.uas.platform.core.util.AgentUtils;
|
|
|
-import com.uas.platform.core.util.encry.Md5Utils;
|
|
|
-import com.uas.platform.core.util.serializer.FlexJsonUtils;
|
|
|
-import com.uas.sso.SSOHelper;
|
|
|
-import com.uas.sso.SSOToken;
|
|
|
-import com.uas.sso.web.spring.AbstractSSOInterceptor;
|
|
|
+import javax.servlet.http.HttpServletRequest;
|
|
|
+import javax.servlet.http.HttpServletResponse;
|
|
|
+import java.io.IOException;
|
|
|
+import java.util.*;
|
|
|
|
|
|
@SuppressWarnings("deprecation")
|
|
|
public class SSOInterceptor extends AbstractSSOInterceptor {
|
|
|
@@ -125,7 +112,11 @@ public class SSOInterceptor extends AbstractSSOInterceptor {
|
|
|
}
|
|
|
if (user != null) {
|
|
|
SystemSession.setUser(user);
|
|
|
- accessDecision(request, user);
|
|
|
+ try {
|
|
|
+ accessDecision(request, user, response);
|
|
|
+ } catch (IOException e) {
|
|
|
+ e.printStackTrace();
|
|
|
+ }
|
|
|
return true;
|
|
|
} else {
|
|
|
if (SecurityConstant.AUTHENTICATION_URL.equals(request.getRequestURI())) {
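Review bot: The new `catch (IOException e)` around `accessDecision(request, user, response)` fails open, because it prints the stack trace and falls through to `return true`. The only visible source of that IOException is the redirect issued while access is being denied, so a denial that ends in an I/O error would be treated as a pass. The catch should deny instead, e.g. `return false;` after logging through the class's log4j logger rather than `e.printStackTrace()`. The same swallow-and-continue catch is added at the second call site in the hunk at `@@ -161,14 +152,18 @@`; that method's return type is not visible, so `throw new AccessDeniedException(e.getMessage(), e);` is the safer form there. Both enclosing methods start outside their hunks.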
|
|
|
@@ -161,14 +152,18 @@ public class SSOInterceptor extends AbstractSSOInterceptor {
|
|
|
}
|
|
|
if (user != null) {
|
|
|
SystemSession.setUser(user);
|
|
|
- accessDecision(request, user);
|
|
|
+ try {
|
|
|
+ accessDecision(request, user, response);
|
|
|
+ } catch (IOException e) {
|
|
|
+ e.printStackTrace();
|
|
|
+ }
|
|
|
}
|
|
|
}
|
|
|
|
|
|
/**
|
|
|
* 权限验证
|
|
|
*/
|
|
|
- private void accessDecision(HttpServletRequest request, User user) {
|
|
|
+ private void accessDecision(HttpServletRequest request, User user, HttpServletResponse response) throws IOException {
|
|
|
Collection<ConfigAttribute> configAttributes = getAttributes(request);
|
|
|
if (null == configAttributes || configAttributes.size() == 0 || user.isSys()) {
|
|
|
return;
|
|
|
@@ -202,8 +197,18 @@ public class SSOInterceptor extends AbstractSSOInterceptor {
|
|
|
// if (!CollectionUtils.isEmpty(myVendors)) {
|
|
|
// return;
|
|
|
// }
|
|
|
- if (needPermission != null)
|
|
|
- throw new AccessDeniedException("无法访问,没有 " + needPermission + " 权限!");
|
|
|
+ if (needPermission != null) {
|
|
|
+ if(needPermission.contains("导出")) {
|
|
|
+ String retUrl = request.getContextPath();
|
|
|
+ try {
|
|
|
+ throw new AccessDeniedException("无法访问,没有 " + needPermission + " 权限!");
|
|
|
+ } finally {
|
|
|
+ response.sendRedirect(retUrl + "/static/tpl/start/index.html");
|
|
|
+ }
|
|
|
+ } else {
|
|
|
+ throw new AccessDeniedException("无法访问,没有 " + needPermission + " 权限!");
|
|
|
+ }
|
|
|
+ }
|
|
|
}
|
|
|
|
|
|
@Override
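Review bot: The `try { throw … } finally { response.sendRedirect(…) }` in the export branch can lose the denial: if `sendRedirect` throws, Java discards the pending AccessDeniedException in favour of the IOException, which both callers catch and ignore. Build the exception once, attempt the redirect in its own try/catch and throw the denial unconditionally, as in the excerpt below; `throws IOException` can stay on the signature so the callers still compile. Redirecting and then throwing also leaves whatever handles AccessDeniedException with an already committed response, so moving the redirect into that handler may be cleaner (the handler is not visible here). The branch is chosen by `needPermission.contains("导出")`, which ties behaviour to the permission's display text, so a comment explaining why export requests are redirected would help. The start of accessDecision is outside this hunk.

```java
// … unchanged: permission lookup and the commented-out vendor check …
if (needPermission != null) {
    AccessDeniedException denied = new AccessDeniedException("无法访问,没有 " + needPermission + " 权限!");
    if (needPermission.contains("导出")) {
        try {
            response.sendRedirect(request.getContextPath() + "/static/tpl/start/index.html");
        } catch (IOException e) {
            // The denial must still propagate when the redirect cannot be written.
            denied.addSuppressed(e);
        }
    }
    throw denied;
}
```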
|