动态权限校验

0105f00f · ManongJu · 746749e5 · 0105f00f · 0105f00f · 0105f00f
5 changed file
--- a/mss-gateway/src/main/java/com/microservice/skeleton/gateway/filter/AuthFilter.java
+++ b/mss-gateway/src/main/java/com/microservice/skeleton/gateway/filter/AuthFilter.java
@@ -89,12 +89,11 @@ public class AuthFilter implements GlobalFilter , Ordered {
    }

    private boolean isExclusionUrl(String path){
-        final String url = getRealUrl(path);
        List<String> exclusions = exclusionUrl.getUrl();
        if (exclusions.size() == 0){
            return false;
        }
-        return exclusions.stream().anyMatch( action -> antPathMatcher.match(action , url));
+        return exclusions.stream().anyMatch( action -> antPathMatcher.match(action , path));

    }

@@ -123,6 +122,9 @@ public class AuthFilter implements GlobalFilter , Ordered {
    private boolean hasPermission(String headerToken, String path){
        String url = getRealUrl(path);
        try {
+            if (StringUtils.isEmpty(headerToken)){
+                return false;
+            }
            SignedJWT jwt = getSignedJWT(headerToken);
            Object payload = jwt.getJWTClaimsSet().getClaim("payload");
            UserVo user = JSON.parseObject(payload.toString(), UserVo.class);

--- a/mss-gateway/src/main/resources/application.yml
+++ b/mss-gateway/src/main/resources/application.yml
@@ -37,5 +37,6 @@ hystrix:
            timeoutInMilliseconds: 600000
 exclusion:
  url:
-    - /goods/list
-    - /goods/detail
\ No newline at end of file
+    - /goods-center/goods/list
+    - /goods-center/goods/detail
+    - /uaa/login
\ No newline at end of file
--- a/mss-upms/src/main/java/com/microservice/skeleton/upms/controller/TestController.java
+++ b/mss-upms/src/main/java/com/microservice/skeleton/upms/controller/TestController.java
+package com.microservice.skeleton.upms.controller;
+
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+/**
+ * @author Mr.Yangxiufeng
+ * @date 2020-10-29
+ * @time 16:32
+ */
+@RestController
+@RequestMapping("order")
+public class TestController {
+
+    @GetMapping("list")
+    public String orderList(){
+        return "order list";
+    }
+    @GetMapping("detail")
+    public String orderDetail(){
+        return "order detail";
+    }
+}
--- a/other/db/zuul-auth.sql
+++ b/other/db/zuul-auth.sql
@@ -10,7 +10,7 @@ Target Server Type    : MYSQL
 Target Server Version : 50628
 File Encoding         : 65001

-Date: 2018-12-07 17:26:38
+Date: 2020-10-29 16:47:06
 */

 SET FOREIGN_KEY_CHECKS=0;
@@ -164,11 +164,14 @@ CREATE TABLE `sys_menu` (
  `update_time` datetime DEFAULT NULL,
  PRIMARY KEY (`id`),
  UNIQUE KEY `FK_CODE` (`code`)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+) ENGINE=InnoDB AUTO_INCREMENT=4 DEFAULT CHARSET=utf8;

 -- ----------------------------
 -- Records of sys_menu
 -- ----------------------------
+INSERT INTO `sys_menu` VALUES ('1', 'order', null, null, '订单管理', null, '1', null, null, null, null, null, null);
+INSERT INTO `sys_menu` VALUES ('2', 'order_list', 'order', '1', '订单列表查询', '/order/list', '2', null, null, null, null, null, null);
+INSERT INTO `sys_menu` VALUES ('3', 'order_detail', 'order', '1', '订单详情', '/order/detail', '2', null, null, null, null, null, null);

 -- ----------------------------
 -- Table structure for sys_privilege
@@ -184,6 +187,9 @@ CREATE TABLE `sys_privilege` (
 -- ----------------------------
 -- Records of sys_privilege
 -- ----------------------------
+INSERT INTO `sys_privilege` VALUES ('6', '1', null);
+INSERT INTO `sys_privilege` VALUES ('6', '2', null);
+INSERT INTO `sys_privilege` VALUES ('6', '3', null);

 -- ----------------------------
 -- Table structure for sys_role
@@ -205,9 +211,7 @@ CREATE TABLE `sys_role` (
 -- ----------------------------
 -- Records of sys_role
 -- ----------------------------
-INSERT INTO `sys_role` VALUES ('6', '管理员', 'admin', null, '2017-06-20 15:07:13', '2017-06-26 12:46:09', '1');
-INSERT INTO `sys_role` VALUES ('8', '超级管理员', 'super', null, '2017-06-20 15:08:45', null, '1');
-INSERT INTO `sys_role` VALUES ('17', '用户', 'user', null, '2017-06-28 18:50:39', '2017-07-21 09:41:28', '1');
+INSERT INTO `sys_role` VALUES ('6', '管理员', 'admin', null, '2020-10-28 15:07:13', null, '1');

 -- ----------------------------
 -- Table structure for sys_user
@@ -234,10 +238,9 @@ CREATE TABLE `sys_user` (
 -- ----------------------------
 -- Records of sys_user
 -- ----------------------------
-INSERT INTO `sys_user` VALUES ('46', null, 'super', '$2a$10$cKRbR9IJktfmKmf/wShyo.5.J8IxO/7YVn8twuWFtvPgruAF8gtKq', null, '超级管理员', '2017-06-22 14:26:09', '1', null, null, '1', '2017-06-20 15:12:16', '2017-09-12 14:39:48');
-INSERT INTO `sys_user` VALUES ('48', null, 'admin', '$2a$10$cKRbR9IJktfmKmf/wShyo.5.J8IxO/7YVn8twuWFtvPgruAF8gtKq', null, '管理员', null, '1', null, null, '1', '2017-06-26 17:31:41', null);
-INSERT INTO `sys_user` VALUES ('50', null, 'test1', '$2a$10$cKRbR9IJktfmKmf/wShyo.5.J8IxO/7YVn8twuWFtvPgruAF8gtKq', null, 'test1', null, '1', null, null, '1', '2017-09-18 16:11:15', null);
-INSERT INTO `sys_user` VALUES ('51', null, 'test2', '$2a$10$cKRbR9IJktfmKmf/wShyo.5.J8IxO/7YVn8twuWFtvPgruAF8gtKq', null, 'test2', null, '1', null, null, '1', '2017-09-21 17:09:51', null);
+INSERT INTO `sys_user` VALUES ('48', null, 'admin', '$2a$10$vmp.zWWnX3LFxSs6I00i0eurlHR7ymcfUQ5HtXw71w9QJ.2JUf8Ua', null, '管理员', null, '1', null, null, '1', '2020-10-27 17:31:41', null);
+INSERT INTO `sys_user` VALUES ('50', null, 'test1', '$2a$10$vmp.zWWnX3LFxSs6I00i0eurlHR7ymcfUQ5HtXw71w9QJ.2JUf8Ua', null, 'test1', null, '1', null, null, '1', '2020-10-27 16:11:15', null);
+INSERT INTO `sys_user` VALUES ('51', null, 'test2', '$2a$10$vmp.zWWnX3LFxSs6I00i0eurlHR7ymcfUQ5HtXw71w9QJ.2JUf8Ua', null, 'test2', null, '1', null, null, '1', '2020-10-27 17:09:51', null);

 -- ----------------------------
 -- Table structure for sys_user_role
@@ -250,8 +253,9 @@ CREATE TABLE `sys_user_role` (
  `create_time` datetime DEFAULT NULL,
  `create_by` varchar(255) DEFAULT NULL,
  PRIMARY KEY (`id`)
-) ENGINE=InnoDB AUTO_INCREMENT=24 DEFAULT CHARSET=utf8;
+) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8;

 -- ----------------------------
 -- Records of sys_user_role
 -- ----------------------------
+INSERT INTO `sys_user_role` VALUES ('1', '48', '6', null, null);
--- a/pom.xml
+++ b/pom.xml
@@ -21,10 +21,6 @@
 		<swagger2.version>2.9.2</swagger2.version>
 		<mybatis-plus.version>2.2.0</mybatis-plus.version>
 		<tk.mybatis.starter.version>2.0.4</tk.mybatis.starter.version>
-		<!--升级SpringBoot2.0.x后出现Which fixed NoSuchMethodError.RedisConnection.set([B[B)V issue
-		，需要解决https://github.com/spring-projects/spring-security-oauth2-boot/issues/27，
-		SpringBoot2.1.X已经解决，真是坑啊，所以说不要盲目的升级！！！-->
-        <spring-security-oauth.version>2.3.3.RELEASE</spring-security-oauth.version>
 		<com.spotify-version>0.4.13</com.spotify-version>
 	</properties>
 	<parent>