forked from kidgrow-microservices-platform
kidgrow-springcloud/kidgrow-springcloud-zuul/src/main/java/com/kidgrow/zuul/filter/OrganizationFilter.java
@@ -9,6 +9,7 @@ import com.kidgrow.redis.util.RedisUtils; import com.kidgrow.zuul.feign.SysOrganizationService; import com.kidgrow.zuul.feign.SysUserOrgService; import com.kidgrow.zuul.service.TokenService; import com.netflix.zuul.ZuulFilter; import com.netflix.zuul.context.RequestContext; import lombok.SneakyThrows; @@ -18,9 +19,11 @@ import org.springframework.security.authentication.AnonymousAuthenticationToken; import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.context.SecurityContextImpl; import org.springframework.security.oauth2.provider.OAuth2Authentication; import org.springframework.stereotype.Component; import javax.servlet.http.HttpServletRequest; import java.util.*; import static org.springframework.cloud.netflix.zuul.filters.support.FilterConstants.PRE_DECORATION_FILTER_ORDER; @@ -28,7 +31,7 @@ /** * 石家庄喜高科技有限责任公司 版权所有 © Copyright 2020<br> * * @Description: 将认证用户的相关信息放入header中, 后端服务可以直接读取使用 包含了----组织的拦截---<br> * @Description: 将认证用户的相关信息放入header中, 后端服务可以直接读取使用 包含了----组织的拦截--- 如果被拦截,将清除token<br> * @Project: <br> * @CreateDate: Created in 2020/2/21 10:12 <br> * @Author: <a href="4345453@kidgrow.com">liuke</a> @@ -57,33 +60,40 @@ private SysUserOrgService sysUserOrgService; @Autowired private SysOrganizationService sysOrganizationService; private final String CLIENTID = "webApp";//运营端 @Autowired private TokenService tokenService; @SneakyThrows @Override public Object run() { Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); if (authentication != null && !(authentication instanceof AnonymousAuthenticationToken)) { RequestContext currentContext = RequestContext.getCurrentContext(); // 获取request对象 HttpServletRequest request = currentContext.getRequest(); //security会把一个SecurityContextImpl对象存储到session中,此对象中有当前用户的各种资料 SecurityContextImpl securityContextImpl = (SecurityContextImpl) request .getSession().getAttribute("SPRING_SECURITY_CONTEXT"); authentication = securityContextImpl.getAuthentication(); Object principal = authentication.getPrincipal(); RequestContext ctx = RequestContext.getCurrentContext(); if (principal instanceof SysUser) { //运营端进行 OAuth2Authentication oauth2Authentication = (OAuth2Authentication) authentication; String clientId = oauth2Authentication.getOAuth2Request().getClientId(); // if (CLIENTID.equals(clientId)) { SysUser user = (SysUser) authentication.getPrincipal(); /** * 将组织中为空的拦截 */ List<SysUserOrg> sysUserOrgs = getSysUserOrg(user.getId()); if (sysUserOrgs == null || sysUserOrgs.isEmpty()) { ctx.setSendZuulResponse(false); ctx.addZuulResponseHeader("Content-Type","application/json;charset=UTF-8"); SysUser user = (SysUser) authentication.getPrincipal(); /** * 将组织中为空的拦截 */ List<SysUserOrg> sysUserOrgs = this.getSysUserOrg(user.getId()); if (sysUserOrgs == null || sysUserOrgs.isEmpty()) { //退出的操作 this.tokenService.logout(request); ctx.setSendZuulResponse(false); ctx.addZuulResponseHeader("Content-Type", "application/json;charset=UTF-8"); // String str = new String("您的组织已经被禁用,请联系管理员".getBytes("utf-8"), "utf-8"); ctx.setResponseBody(JSON.toJSONString(ResultBody.fail(1000, "您的组织已经被禁用,请联系管理员"))); } else { ctx.setResponseBody(JSON.toJSONString(ResultBody.fail(1000, "您的组织已经被禁用,请联系管理员"))); } else { // List<Long> collect = sysUserOrgs.stream().map(e -> e.getOrgId()).collect(Collectors.toList()); // List<SysOrganization> sysOrganizations = getSysOrganization(); // List<Long> orgIds = sysOrganizations.stream().filter(e -> e.getEnabled() == true && collect.contains(e.getId())).map(e -> e.getId()).collect(Collectors.toList()); @@ -91,34 +101,40 @@ // ctx.setSendZuulResponse(false); // ctx.setResponseBody(JSON.toJSONString(ResultBody.fail(1000, "您的组织已经被禁用,请联系管理员"))); // } if (!request.getRequestURI().contains("ReportRecord/getImg")) { //根据fegin客户端查询状态 Map<String,Object> map; Map<String, Object> map; for (SysUserOrg sysUserOrg : sysUserOrgs) { map=new HashMap<>(); map.put("id",sysUserOrg.getOrgId()); map = new HashMap<>(); map.put("id", sysUserOrg.getOrgId()); List<SysOrganization> sysOrganizations = JSON.parseArray(JSON.toJSONString(sysOrganizationService.getListByMap(map).getData()), SysOrganization.class); if(sysOrganizations==null||sysOrganizations.size()<=0){ if (sysOrganizations == null || sysOrganizations.size() <= 0) { //退出的操作 this.tokenService.logout(request); ctx.setSendZuulResponse(false); ctx.addZuulResponseHeader("Content-Type","application/json;charset=UTF-8"); ctx.addZuulResponseHeader("Content-Type", "application/json;charset=UTF-8"); ctx.setResponseBody(JSON.toJSONString(ResultBody.fail(1000, "您的组织已经被禁用,请联系管理员"))); }else { } else { for (SysOrganization sysOrganization : sysOrganizations) { if(!sysOrganization.getEnabled()||sysOrganization.getIsDel()){ if (!sysOrganization.getEnabled() || sysOrganization.getIsDel()) { //退出的操作 this.tokenService.logout(request); ctx.setSendZuulResponse(false); ctx.addZuulResponseHeader("Content-Type","application/json;charset=UTF-8"); ctx.addZuulResponseHeader("Content-Type", "application/json;charset=UTF-8"); ctx.setResponseBody(JSON.toJSONString(ResultBody.fail(1000, "您的组织已经被禁用,请联系管理员"))); } } } } } // } } } } return null; } /** * 通过userID 获取组织的关系 *
