package com.kidgrow.zuul.auth;
|
|
import com.kidgrow.authclient.service.impl.DefaultPermissionServiceImpl;
|
import com.kidgrow.common.model.SysMenu;
|
import com.kidgrow.zuul.feign.MenuService;
|
import lombok.extern.slf4j.Slf4j;
|
import org.springframework.http.server.reactive.ServerHttpRequest;
|
import org.springframework.security.authorization.AuthorizationDecision;
|
import org.springframework.security.authorization.ReactiveAuthorizationManager;
|
import org.springframework.security.core.Authentication;
|
import org.springframework.security.web.server.authorization.AuthorizationContext;
|
import org.springframework.stereotype.Component;
|
import org.springframework.web.server.ServerWebExchange;
|
import reactor.core.publisher.Mono;
|
|
import javax.annotation.Resource;
|
import java.util.List;
|
|
/**
|
* 石家庄喜高科技有限责任公司 版权所有 © Copyright 2020<br>
|
*
|
* @Description: url权限认证<br>
|
* @Project: <br>
|
* @CreateDate: Created in 2020/2/22 22:44 <br>
|
* @Author: <a href="4345453@kidgrow.com">liuke</a>
|
*/
|
@Slf4j
|
@Component
|
public class PermissionAuthManager extends DefaultPermissionServiceImpl implements ReactiveAuthorizationManager<AuthorizationContext> {
|
@Resource
|
private MenuService menuService;
|
|
@Override
|
public Mono<AuthorizationDecision> check(Mono<Authentication> authentication, AuthorizationContext authorizationContext) {
|
return authentication.map(auth -> {
|
ServerWebExchange exchange = authorizationContext.getExchange();
|
ServerHttpRequest request = exchange.getRequest();
|
boolean isPermission = super.hasPermission(auth, request.getMethodValue(), request.getURI().getPath());
|
return new AuthorizationDecision(isPermission);
|
}).defaultIfEmpty(new AuthorizationDecision(false));
|
}
|
|
@Override
|
public List<SysMenu> findMenuByRoleCodes(String roleCodes) {
|
return menuService.findByRoleCodes(roleCodes);
|
}
|
}
|
