bugfix
@@ -29,6 +29,8 @@ import org.springframework.http.server.PathContainer;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.transaction.PlatformTransactionManager;
|
||||
import org.springframework.transaction.TransactionDefinition;
|
||||
import org.springframework.transaction.TransactionStatus;
|
||||
import org.springframework.transaction.UnexpectedRollbackException;
|
||||
import org.springframework.transaction.support.DefaultTransactionDefinition;
|
||||
import org.springframework.transaction.support.TransactionTemplate;
|
||||
import org.springframework.web.filter.OncePerRequestFilter;
|
||||
@@ -36,6 +38,7 @@ import org.springframework.web.util.pattern.PathPatternParser;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.Optional;
|
||||
import java.util.function.Consumer;
|
||||
|
||||
@Component
|
||||
@Order(0)
|
||||
@@ -49,6 +52,7 @@ public class AuthFilter extends OncePerRequestFilter {
|
||||
|
||||
@Autowired PlatformTransactionManager transactionManager;
|
||||
@Autowired ObjectMapper objectMapper;
|
||||
|
||||
@Value("${server.servlet.context-path}")
|
||||
private String contextPath;
|
||||
|
||||
@@ -62,95 +66,105 @@ public class AuthFilter extends OncePerRequestFilter {
|
||||
transactionManager,
|
||||
new DefaultTransactionDefinition(
|
||||
TransactionDefinition.PROPAGATION_REQUIRED));
|
||||
try {
|
||||
|
||||
transactionTemplate.executeWithoutResult(
|
||||
tx -> {
|
||||
MDC.remove("user");
|
||||
if (isMatches(request)) {
|
||||
transactionTemplate.executeWithoutResult(
|
||||
getTransactionStatusConsumer(request, response, filterChain));
|
||||
} catch (UnexpectedRollbackException e) {
|
||||
|
||||
try {
|
||||
filterChain.doFilter(request, response);
|
||||
} catch (IOException e) {
|
||||
throw new RuntimeException(e);
|
||||
} catch (ServletException e) {
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
return;
|
||||
logger.warn(e);
|
||||
}
|
||||
}
|
||||
|
||||
private Consumer<TransactionStatus> getTransactionStatusConsumer(
|
||||
HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) {
|
||||
|
||||
return tx -> {
|
||||
MDC.remove("user");
|
||||
if (isMatches(request)) {
|
||||
|
||||
try {
|
||||
filterChain.doFilter(request, response);
|
||||
} catch (IOException e) {
|
||||
throw new RuntimeException(e);
|
||||
} catch (ServletException e) {
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
return;
|
||||
}
|
||||
|
||||
String sessionId = request.getHeader("X-Token");
|
||||
|
||||
Optional<ResourceEntity> resource = resourceService.findUrl(getRequestURI(request));
|
||||
|
||||
if (resource.isEmpty()) {
|
||||
writeResponse(new BizException("invalidUrl", "资源未找到"), response);
|
||||
return;
|
||||
}
|
||||
|
||||
request.setAttribute("__resourceEntity", resource.get());
|
||||
|
||||
if (StringUtils.isEmpty(sessionId)) {
|
||||
|
||||
if (resource.get().getAnonymous()) {
|
||||
sessionService.anonymousSession();
|
||||
UserEntity user = Ctx.currentUser();
|
||||
MDC.put("user", user.getUsername());
|
||||
try {
|
||||
filterChain.doFilter(request, response);
|
||||
} catch (IOException e) {
|
||||
throw new RuntimeException(e);
|
||||
} catch (ServletException e) {
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
|
||||
String sessionId = request.getHeader("X-Token");
|
||||
} else {
|
||||
|
||||
Optional<ResourceEntity> resource =
|
||||
resourceService.findUrl(getRequestURI(request));
|
||||
writeResponse(new BizException("loginRequired", "请先登录"), response);
|
||||
}
|
||||
|
||||
if (resource.isEmpty()) {
|
||||
writeResponse(new BizException("invalidUrl", "资源未找到"), response);
|
||||
return;
|
||||
} else {
|
||||
|
||||
try {
|
||||
|
||||
sessionService.rebuildSession(sessionId);
|
||||
|
||||
} catch (BizException ex) {
|
||||
|
||||
writeResponse(ex, response);
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
UserEntity user = Ctx.currentUser();
|
||||
MDC.put("user", user.getUsername());
|
||||
|
||||
Optional<ResourceEntity> userResource =
|
||||
user.getRoles().stream()
|
||||
.flatMap(x -> x.getPermissions().stream())
|
||||
.flatMap(x -> x.getResources().stream())
|
||||
.filter(x -> StringUtils.equals(x.getId(), resource.get().getId()))
|
||||
.findAny();
|
||||
|
||||
if (userResource.isEmpty() && BooleanUtils.isFalse(user.getSysAdmin())) {
|
||||
|
||||
writeResponse(
|
||||
new BizException("invalidAccess", "当前资源未授权,请联系机构管理员处理。"), response);
|
||||
} else {
|
||||
|
||||
try {
|
||||
filterChain.doFilter(request, response);
|
||||
} catch (IOException e) {
|
||||
throw new RuntimeException(e);
|
||||
} catch (ServletException e) {
|
||||
throw new RuntimeException(e);
|
||||
} catch (Exception e) {
|
||||
logger.warn(e);
|
||||
throw e;
|
||||
}
|
||||
|
||||
request.setAttribute("__resourceEntity", resource.get());
|
||||
|
||||
if (StringUtils.isEmpty(sessionId)) {
|
||||
|
||||
if (resource.get().getAnonymous()) {
|
||||
sessionService.anonymousSession();
|
||||
UserEntity user = Ctx.currentUser();
|
||||
MDC.put("user", user.getUsername());
|
||||
try {
|
||||
filterChain.doFilter(request, response);
|
||||
} catch (IOException e) {
|
||||
throw new RuntimeException(e);
|
||||
} catch (ServletException e) {
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
} else {
|
||||
|
||||
writeResponse(new BizException("loginRequired", "请先登录"), response);
|
||||
}
|
||||
|
||||
} else {
|
||||
|
||||
try {
|
||||
|
||||
sessionService.rebuildSession(sessionId);
|
||||
|
||||
} catch (BizException ex) {
|
||||
|
||||
writeResponse(ex, response);
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
UserEntity user = Ctx.currentUser();
|
||||
MDC.put("user", user.getUsername());
|
||||
|
||||
Optional<ResourceEntity> userResource =
|
||||
user.getRoles().stream()
|
||||
.flatMap(x -> x.getPermissions().stream())
|
||||
.flatMap(x -> x.getResources().stream())
|
||||
.filter(
|
||||
x ->
|
||||
StringUtils.equals(
|
||||
x.getId(), resource.get().getId()))
|
||||
.findAny();
|
||||
|
||||
if (userResource.isEmpty() && BooleanUtils.isFalse(user.getSysAdmin())) {
|
||||
|
||||
writeResponse(
|
||||
new BizException("invalidAccess", "当前资源未授权,请联系机构管理员处理。"),
|
||||
response);
|
||||
} else {
|
||||
|
||||
try {
|
||||
filterChain.doFilter(request, response);
|
||||
} catch (IOException e) {
|
||||
throw new RuntimeException(e);
|
||||
} catch (ServletException e) {
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
}
|
||||
}
|
||||
});
|
||||
}
|
||||
}
|
||||
};
|
||||
}
|
||||
|
||||
private boolean isMatches(HttpServletRequest request) {
|
||||
|
||||
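Review bot: The authorization check carried into `getTransactionStatusConsumer`, `if (userResource.isEmpty() && BooleanUtils.isFalse(user.getSysAdmin()))`, fails open when the admin flag is unset. Assuming commons-lang3 and a boxed `Boolean` getter (neither is visible here), `isFalse(null)` is false, so a user with no matching resource and a null flag falls through to `filterChain.doFilter`. Denying unless the flag is positively true closes that gap: `if (userResource.isEmpty() && !BooleanUtils.isTrue(user.getSysAdmin()))`. Separately, the new `catch (UnexpectedRollbackException e) { logger.warn(e); }` leaves the client with whatever the chain already wrote even though the transaction was rolled back. If the response is not yet committed, an error should go out through `writeResponse`, and if `logger` is the commons-logging `Log` inherited from the filter base class, `logger.warn("message", e)` would keep the stack trace.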
@@ -123,9 +123,13 @@ public class IpQueryService {
|
||||
if (siteLocalAddress) {
|
||||
return "内网地址";
|
||||
}
|
||||
try {
|
||||
|
||||
CityResponse city = reader.city(ipAddress);
|
||||
return city.getCountry().getName() + city.getCity().getName();
|
||||
} catch (Exception e) {
|
||||
return "";
|
||||
}
|
||||
}
|
||||
|
||||
return null;
|
||||
|
||||
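Review bot: The added `catch (Exception e) { return ""; }` around `reader.city(ipAddress)` hides every failure without a log line, including a missing or unreadable database, so a broken lookup cannot be told apart from an address that has no entry. Catch the lookup's not-found exception separately and log anything else before returning the fallback. The success path concatenates `city.getCountry().getName() + city.getCity().getName()`, which produces the literal text `null` when either name is absent. The method also now has two different "unknown" results, `""` here and `null` at the end of the hunk, and whether callers distinguish them is not visible. The enclosing method starts and ends outside the hunk.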
@@ -25,7 +25,7 @@ public class GlobalExceptionHandler {
|
||||
}
|
||||
|
||||
private void logEx(Exception ex, HttpServletRequest request, HandlerMethod handlerMethod) {
|
||||
if (request.getAttribute("__logged") != null) {
|
||||
if (request.getAttribute("__logged") == null) {
|
||||
|
||||
log.info(
|
||||
"接口调用异常: {}\nurl:{} {}\nmethod: {}",
|
||||
|
||||
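Review bot: API failures are recorded at INFO by the `log.info(` call under the corrected `== null` guard, using the multi-line format `"接口调用异常: {}\nurl:{} {}\nmethod: {}"`. `log.warn(` or `log.error(` would keep these entries from being filtered out with routine traffic. If the `url` argument is taken from the request unmodified (the arguments are outside the hunk), CR/LF should be stripped before logging so one request cannot produce what looks like several entries. The call and the rest of `logEx` continue outside the hunk.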