shiro被砍,basic顶替.

2026-05-13 00:28:59 +08:00 · 2017-08-18 17:55:11 +08:00
parent b5a8cf712c
commit f342de5bb8
23 changed files with 86 additions and 77 deletions
--- a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/aop/AopAuthorizingController.java
+++ b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/aop/AopAuthorizingController.java
@@ -8,7 +8,7 @@ import org.hswebframework.web.authorization.basic.handler.AuthorizingHandler;
 import org.hswebframework.web.authorization.define.AuthorizeDefinition;
 import org.hswebframework.web.authorization.exception.UnAuthorizedException;
 import org.hswebframework.web.boost.aop.context.MethodInterceptorHolder;
-import org.hswebframework.web.boost.aop.context.MethodInterceptorParamContext;
+import org.hswebframework.web.boost.aop.context.MethodInterceptorContext;
 import org.springframework.aop.support.StaticMethodMatcherPointcutAdvisor;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.RestController;
@@ -25,7 +25,7 @@ public class AopAuthorizingController extends StaticMethodMatcherPointcutAdvisor

            MethodInterceptorHolder holder = MethodInterceptorHolder.create(methodInvocation);

-            MethodInterceptorParamContext paramContext = holder.createParamContext();
+            MethodInterceptorContext paramContext = holder.createParamContext();

            AuthorizeDefinition definition = aopMethodAuthorizeDefinitionParser.parse(paramContext);

--- a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/aop/AopMethodAuthorizeDefinitionCustomizerParser.java
+++ b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/aop/AopMethodAuthorizeDefinitionCustomizerParser.java
@@ -1,13 +1,13 @@
 package org.hswebframework.web.authorization.basic.aop;

 import org.hswebframework.web.authorization.define.AuthorizeDefinition;
-import org.hswebframework.web.boost.aop.context.MethodInterceptorParamContext;
+import org.hswebframework.web.boost.aop.context.MethodInterceptorContext;

 /**
 * 自定义权限控制定义，在拦截到方法后，优先使用此接口来获取权限控制方式
 * @see AuthorizeDefinition
 * @author zhouhao
 */
-public interface AopMethodAuthorizeDefinitionParserCustomer {
-    AuthorizeDefinition parse(MethodInterceptorParamContext context);
+public interface AopMethodAuthorizeDefinitionCustomizerParser {
+    AuthorizeDefinition parse(MethodInterceptorContext context);
 }
--- a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/aop/AopMethodAuthorizeDefinitionParser.java
+++ b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/aop/AopMethodAuthorizeDefinitionParser.java
@@ -1,7 +1,7 @@
 package org.hswebframework.web.authorization.basic.aop;

 import org.hswebframework.web.authorization.define.AuthorizeDefinition;
-import org.hswebframework.web.boost.aop.context.MethodInterceptorParamContext;
+import org.hswebframework.web.boost.aop.context.MethodInterceptorContext;

 /**
 * 权限控制定义解析器,用于解析被拦截的请求是否需要进行权限控制,以及权限控制的方式
@@ -17,5 +17,5 @@ public interface AopMethodAuthorizeDefinitionParser {
     * @param paramContext 被拦截的方法上下文
     * @return 权限控制定义, 如果不进行权限控制则返回{@code null}
     */
-    AuthorizeDefinition parse(MethodInterceptorParamContext paramContext);
+    AuthorizeDefinition parse(MethodInterceptorContext paramContext);
 }
--- a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/aop/DefaultAopMethodAuthorizeDefinitionParser.java
+++ b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/aop/DefaultAopMethodAuthorizeDefinitionParser.java
@@ -7,7 +7,7 @@ import org.hswebframework.web.authorization.annotation.RequiresExpression;
 import org.hswebframework.web.authorization.basic.define.DefaultBasicAuthorizeDefinition;
 import org.hswebframework.web.authorization.basic.define.EmptyAuthorizeDefinition;
 import org.hswebframework.web.authorization.define.AuthorizeDefinition;
-import org.hswebframework.web.boost.aop.context.MethodInterceptorParamContext;
+import org.hswebframework.web.boost.aop.context.MethodInterceptorContext;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.util.CollectionUtils;

@@ -29,16 +29,16 @@ public class DefaultAopMethodAuthorizeDefinitionParser implements AopMethodAutho
    private Map<Method, AuthorizeDefinition> cache = new ConcurrentHashMap<>();


-    private List<AopMethodAuthorizeDefinitionParserCustomer> parserCustomers;
+    private List<AopMethodAuthorizeDefinitionCustomizerParser> parserCustomers;


    @Autowired(required = false)
-    public void setParserCustomers(List<AopMethodAuthorizeDefinitionParserCustomer> parserCustomers) {
+    public void setParserCustomers(List<AopMethodAuthorizeDefinitionCustomizerParser> parserCustomers) {
        this.parserCustomers = parserCustomers;
    }

    @Override
-    public AuthorizeDefinition parse(MethodInterceptorParamContext paramContext) {
+    public AuthorizeDefinition parse(MethodInterceptorContext paramContext) {

        AuthorizeDefinition definition = cache.get(paramContext.getMethod());
        if (definition != null) return definition instanceof EmptyAuthorizeDefinition ? null : definition;
--- a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/handler/DefaultAuthorizingHandler.java
+++ b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/handler/DefaultAuthorizingHandler.java
@@ -12,7 +12,7 @@ import org.hswebframework.web.authorization.annotation.Logical;
 import org.hswebframework.web.authorization.define.AuthorizeDefinition;
 import org.hswebframework.web.authorization.define.AuthorizingContext;
 import org.hswebframework.web.authorization.exception.AccessDenyException;
-import org.hswebframework.web.boost.aop.context.MethodInterceptorParamContext;
+import org.hswebframework.web.boost.aop.context.MethodInterceptorContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

@@ -85,7 +85,7 @@ public class DefaultAuthorizingHandler implements AuthorizingHandler {

    }

-    protected void handleExpression(Authentication authentication, AuthorizeDefinition definition, MethodInterceptorParamContext paramContext) {
+    protected void handleExpression(Authentication authentication, AuthorizeDefinition definition, MethodInterceptorContext paramContext) {
        if (definition.getScript() != null) {
            String scriptId = DigestUtils.md5Hex(definition.getScript().getScript());

--- a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/handler/access/CustomDataAccessHandler.java
+++ b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/handler/access/CustomDataAccessHandler.java
@@ -22,7 +22,6 @@ import org.hswebframework.web.authorization.access.CustomDataAccessConfig;
 import org.hswebframework.web.authorization.access.DataAccessConfig;
 import org.hswebframework.web.authorization.access.DataAccessHandler;
 import org.hswebframework.web.authorization.define.AuthorizingContext;
-import org.hswebframework.web.boost.aop.context.MethodInterceptorParamContext;

 /**
 * 当配置为自定义处理器时(实现{@link CustomDataAccessConfig }接口),此处理器生效
--- a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/handler/access/DefaultDataAccessController.java
+++ b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/handler/access/DefaultDataAccessController.java
@@ -4,7 +4,6 @@ import org.hswebframework.web.authorization.access.DataAccessConfig;
 import org.hswebframework.web.authorization.access.DataAccessController;
 import org.hswebframework.web.authorization.access.DataAccessHandler;
 import org.hswebframework.web.authorization.define.AuthorizingContext;
-import org.hswebframework.web.boost.aop.context.MethodInterceptorParamContext;

 import java.util.LinkedList;
 import java.util.List;
--- a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/handler/access/FieldFilterDataAccessHandler.java
+++ b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/handler/access/FieldFilterDataAccessHandler.java
@@ -6,7 +6,6 @@ import org.hswebframework.web.authorization.access.DataAccessConfig;
 import org.hswebframework.web.authorization.access.DataAccessHandler;
 import org.hswebframework.web.authorization.access.FieldFilterDataAccessConfig;
 import org.hswebframework.web.authorization.define.AuthorizingContext;
-import org.hswebframework.web.boost.aop.context.MethodInterceptorParamContext;
 import org.hswebframework.web.commons.entity.Entity;
 import org.hswebframework.web.commons.entity.param.QueryParamEntity;
 import org.hswebframework.web.commons.model.Model;
--- a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/handler/access/FieldScopeDataAccessHandler.java
+++ b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/handler/access/FieldScopeDataAccessHandler.java
@@ -8,9 +8,7 @@ import org.hswebframework.web.authorization.Permission;
 import org.hswebframework.web.authorization.access.DataAccessConfig;
 import org.hswebframework.web.authorization.access.DataAccessHandler;
 import org.hswebframework.web.authorization.access.FieldScopeDataAccessConfig;
-import org.hswebframework.web.authorization.annotation.RequiresDataAccess;
 import org.hswebframework.web.authorization.define.AuthorizingContext;
-import org.hswebframework.web.boost.aop.context.MethodInterceptorParamContext;
 import org.hswebframework.web.commons.entity.param.QueryParamEntity;
 import org.hswebframework.web.controller.QueryController;
 import org.hswebframework.web.service.QueryService;
--- a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/handler/access/ScriptDataAccessHandler.java
+++ b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/handler/access/ScriptDataAccessHandler.java
@@ -9,7 +9,6 @@ import org.hswebframework.web.authorization.access.DataAccessConfig;
 import org.hswebframework.web.authorization.access.DataAccessHandler;
 import org.hswebframework.web.authorization.access.ScriptDataAccessConfig;
 import org.hswebframework.web.authorization.define.AuthorizingContext;
-import org.hswebframework.web.boost.aop.context.MethodInterceptorParamContext;

 /**
 * TODO 完成注释
--- a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/web/UserOnSignOut.java
+++ b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/web/UserOnSignOut.java
@@ -1,7 +1,5 @@
 package org.hswebframework.web.authorization.basic.web;

-import org.hswebframework.web.ThreadLocalUtils;
-import org.hswebframework.web.WebUtil;
 import org.hswebframework.web.authorization.listener.AuthorizationListener;
 import org.hswebframework.web.authorization.listener.event.AuthorizationExitEvent;
 import org.hswebframework.web.authorization.token.UserToken;
@@ -25,7 +23,7 @@ public class UserOnSignOut implements AuthorizationListener<AuthorizationExitEve
    }

    protected String geToken() {
-        // TODO: 17-8-16 更多创建方式
-        return ThreadLocalUtils.<UserToken>get(UserToken.class.getName()).getToken();
+        UserToken token = UserTokenHolder.currentToken();
+        return null != token ? token.getToken() : null;
    }
 }