|
|
@@ -1,20 +1,22 @@
|
|
|
package com.uas.platform.b2c.core.filter;
|
|
|
|
|
|
import com.uas.platform.b2c.common.account.dao.ResourceItemDao;
|
|
|
-import com.uas.platform.b2c.common.account.model.*;
|
|
|
+import com.uas.platform.b2c.common.account.model.Enterprise;
|
|
|
+import com.uas.platform.b2c.common.account.model.ResourceItem;
|
|
|
+import com.uas.platform.b2c.common.account.model.Role;
|
|
|
+import com.uas.platform.b2c.common.account.model.User;
|
|
|
import com.uas.platform.b2c.common.account.service.SigninLogService;
|
|
|
import com.uas.platform.b2c.common.account.service.UserService;
|
|
|
-import com.uas.platform.b2c.core.support.SystemSession;
|
|
|
import com.uas.platform.b2c.core.constant.PathConstant;
|
|
|
+import com.uas.platform.b2c.core.support.SystemSession;
|
|
|
+import com.uas.platform.b2c.core.utils.FastjsonUtils;
|
|
|
import com.uas.platform.core.model.Constant;
|
|
|
import com.uas.platform.core.util.AgentUtils;
|
|
|
import com.uas.platform.core.util.serializer.FlexJsonUtils;
|
|
|
import com.uas.sso.SSOConfig;
|
|
|
import com.uas.sso.SSOHelper;
|
|
|
import com.uas.sso.SSOToken;
|
|
|
-import com.uas.sso.common.SSOProperties;
|
|
|
-import com.uas.sso.common.util.HttpUtil;
|
|
|
- import com.uas.sso.entity.UserAccount;
|
|
|
+import com.uas.sso.entity.UserAccount;
|
|
|
import com.uas.sso.web.spring.AbstractSSOInterceptor;
|
|
|
import org.apache.commons.collections.CollectionUtils;
|
|
|
import org.apache.log4j.Logger;
|
|
|
@@ -173,9 +175,15 @@ public class SSOInterceptor extends AbstractSSOInterceptor {
|
|
|
private void accessDecision(HttpServletRequest request, User user) {
|
|
|
//判断当前访问是否有权限限制
|
|
|
Collection<ConfigAttribute> configAttributes = getAttributes(request);
|
|
|
+ String resourceUrl = request.getServletPath();
|
|
|
+ if (request.getPathInfo() != null) {
|
|
|
+ resourceUrl = resourceUrl + request.getPathInfo();
|
|
|
+ }
|
|
|
+ logger.info("【"+user.getUserUU()+"当前访问路径】:*******"+"resourceUrl:"+resourceUrl);
|
|
|
if (null == configAttributes || configAttributes.size() == 0 || user.isSys() || user.getEnterprise() == null) {
|
|
|
return;
|
|
|
}
|
|
|
+ logger.info("【"+user.getUserUU()+"当前资源的权限】:*******"+"configAttributes:"+FastjsonUtils.toJson(configAttributes));
|
|
|
Iterator<ConfigAttribute> iterator = configAttributes.iterator();
|
|
|
String needPermission = null;
|
|
|
if (null == authorities || !authorities.containsKey(user.getUserUU())) {
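Review bot: `resourceUrl` on the first added `logger.info` line is built from `request.getServletPath()` and `request.getPathInfo()`, both request-controlled, and is concatenated into the log message unmodified. Servlet containers normally return these values URL-decoded, so unless something upstream rejects encoded line breaks, a crafted path could place forged lines in this access-decision log. Neutralise CR/LF before logging, e.g. `String safeUrl = resourceUrl.replaceAll("[\\r\\n]", "_");`, and log `safeUrl` instead. The body of `accessDecision` continues past the end of this hunk.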
|
|
|
@@ -183,6 +191,7 @@ public class SSOInterceptor extends AbstractSSOInterceptor {
|
|
|
}
|
|
|
//获取当前登录用户的所有权限;
|
|
|
Collection<GrantedAuthority> userAuthorities = authorities.get(user.getUserUU());
|
|
|
+ logger.info("【"+user.getUserUU()+"用户所有权限】:*******"+"userAuthorities:"+FastjsonUtils.toJson(userAuthorities));
|
|
|
//匹配当前访问权限;
|
|
|
while (iterator.hasNext()) {
|
|
|
ConfigAttribute configAttribute = iterator.next();
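Review bot: The added `logger.info` serialises every authority the user holds with `FastjsonUtils.toJson(userAuthorities)` at info level, each time `accessDecision` reaches this point. The same applies to the `configAttributes` dump added in the previous hunk and the `resourceMap` dump in the last hunk. Together they write the platform's permission model, keyed by user UU, into ordinary application logs, and they pay the serialisation cost even when nobody reads the output. I would drop these to debug and guard them, e.g. `if (logger.isDebugEnabled()) { logger.debug(...); }`, and treat any log sink that receives them as access-controlled data. The enclosing method starts and ends outside this hunk.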
|
|
|
@@ -233,7 +242,8 @@ public class SSOInterceptor extends AbstractSSOInterceptor {
|
|
|
resourceMap.put(resource.getMethod() + ":" + resource.getUrl(), configAttributes);
|
|
|
}
|
|
|
}
|
|
|
- }
|
|
|
+ logger.info("【权限控制资源】"+"size:"+resourceMap.size()+"*******"+"resourceMap:"+FastjsonUtils.toJSON(resourceMap));
|
|
|
+ }
|
|
|
|
|
|
/**
|
|
|
* 根据路径获取访问权限的集合接口
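Review bot: The helper called here is `FastjsonUtils.toJSON(resourceMap)`, whereas the two log lines added in `accessDecision` call `FastjsonUtils.toJson(...)`. `FastjsonUtils` is not visible in this diff, so confirm that both methods exist and that `toJSON` returns a string rather than a JSON object whose `toString()` the concatenation would silently rely on. If they are equivalent, `FastjsonUtils.toJson(resourceMap)` would keep the three log statements consistent. The method this line was added to starts outside the hunk.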
|