7 years ago · 0d161e5050
--- a/base-servers/gateway-server/src/main/java/com/usoftchina/saas/gateway/config/AuthFilter.java
+++ b/base-servers/gateway-server/src/main/java/com/usoftchina/saas/gateway/config/AuthFilter.java
@@ -19,7 +19,9 @@ import com.usoftchina.saas.exception.ExceptionCode;
 
				 import com.usoftchina.saas.gateway.error.PermissionException;
			
 
				 import com.usoftchina.saas.gateway.util.AntPathRequestMatcher;
			
 
				 import com.usoftchina.saas.utils.CollectionUtils;
			
 
				+import com.usoftchina.saas.utils.JsonUtils;
			
 
				 import com.usoftchina.saas.utils.RedisUtil;
			
 
				+import org.slf4j.Logger;
			
 
				 import org.slf4j.LoggerFactory;
			
 
				 import org.springframework.beans.factory.annotation.Autowired;
			
 
				 import org.springframework.boot.context.properties.EnableConfigurationProperties;
			
@@ -57,6 +59,8 @@ public class AuthFilter implements GlobalFilter, Ordered {
 
				     @Autowired
			
 
				     private AuthApi authApi;
			
 
				 
			
 
				+    private static final Logger LOGGER = LoggerFactory.getLogger(AuthFilter.class);
			
 
				+
			
 
				     @Override
			
 
				     public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
			
 
				         try {
			
@@ -118,6 +122,8 @@ public class AuthFilter implements GlobalFilter, Ordered {
 
				      * @param accountDTO
			
 
				      */
			
 
				     private void checkPermission(ServerHttpRequest request, JwtInfo jwt, AccountDTO accountDTO) {
			
 
				+        LOGGER.info("JwtInfo: " + JsonUtils.toJsonString(jwt));
			
 
				+        LOGGER.info("accountDTO:" + JsonUtils.toJsonString(accountDTO));
			
 
				         if (!accountDTO.isAdmin(jwt.getCompanyId())) {
			
 
				             // 非管理账户，需要鉴权
			
 
				             List<UrlResourceDTO> resources = ResourceCache.current().getUrlResources();
			
@@ -129,6 +135,8 @@ public class AuthFilter implements GlobalFilter, Ordered {
 
				                 }).collect(Collectors.toList());
			
 
				                 if (!CollectionUtils.isEmpty(permissions)) {
			
 
				                     Set<Long> resourceIds = accountDTO.getResources(jwt.getAppId(), jwt.getCompanyId());
			
 
				+                    LOGGER.info("permissions: " + permissions);
			
 
				+                    LOGGER.info("resourceIds: " + resourceIds);
			
 
				                     boolean permitted = false;
			
 
				                     if (null != resourceIds) {
			
 
				                         // 权限匹配