优化权限控制

2026-06-09 09:24:03 +08:00 · 2017-02-24 18:19:09 +08:00
parent 4124897ec5
commit ef26546f03
5 changed files with 21 additions and 4 deletions
--- a/hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/Permission.java
+++ b/hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/Permission.java
@@ -61,6 +61,16 @@ public interface Permission extends Serializable {
     */
    String ACTION_EXPORT = "export";

+    /**
+     * 禁用
+     */
+    String ACTION_DISABLE = "disable";
+
+    /**
+     * 启用
+     */
+    String ACTION_ENABLE = "enable";
+
    /**
     * 获取权限ID，权限的唯一标识
     *
--- a/hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/listener/UserAuthorizationListener.java
+++ b/hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/listener/UserAuthorizationListener.java
@@ -36,5 +36,8 @@ public interface UserAuthorizationListener {
    default void onAuthorizeFail(String username) {
    }

+    default void onLoginOut(Authorization authorization){
+
+    }
    void onAuthorizeSuccess(boolean isRemembered, Authorization authorization);
 }
--- a/hsweb-authorization/hsweb-authorization-shiro/src/main/java/org/hswebframework/web/authorization/shiro/ListenerAuthorizingRealm.java
+++ b/hsweb-authorization/hsweb-authorization-shiro/src/main/java/org/hswebframework/web/authorization/shiro/ListenerAuthorizingRealm.java
@@ -67,6 +67,13 @@ public class ListenerAuthorizingRealm extends AuthorizingRealm implements UserAu
                authorization.getUser().getName());
    }

+    @Override
+    public void onLoginOut(Authorization authorization) {
+        if (null != authorization)
+            getCache(authorization.getUser().getUsername()).clear();
+        SecurityUtils.getSubject().logout();
+    }
+
    @Override
    public void onAuthorizeSuccess(boolean isRemembered, Authorization authorization) {
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
--- a/hsweb-authorization/hsweb-authorization-shiro/src/main/java/org/hswebframework/web/authorization/shiro/boost/SimpleAuthorizeMethodInterceptor.java
+++ b/hsweb-authorization/hsweb-authorization-shiro/src/main/java/org/hswebframework/web/authorization/shiro/boost/SimpleAuthorizeMethodInterceptor.java
@@ -65,6 +65,7 @@ public class SimpleAuthorizeMethodInterceptor extends AuthorizingAnnotationMetho
            if (!(a instanceof Authorize)) return;
            MethodInterceptorHolder holder = MethodInterceptorHolder.current();
            if (null == holder) {
+                logger.warn("MethodInterceptorHolder is null,maybe config is error!");
                return;
            }
            AuthorizeConfig authorizeConfig = new AuthorizeConfig(holder.getArgs());
--- a/hsweb-examples/hsweb-examples-simple/src/main/java/org/hswebframework/web/example/simple/TestController.java
+++ b/hsweb-examples/hsweb-examples-simple/src/main/java/org/hswebframework/web/example/simple/TestController.java
@@ -61,10 +61,6 @@ public class TestController implements QueryController<UserEntity, String, Query
        return ResponseMessage.ok(entity);
    }

-    public static void main(String[] args) throws NoSuchMethodException {
-        System.out.println(UserController.class.getMethod("list", Entity.class));
-    }
-
    @Override
    public TestService getService() {
        return new TestService();