From 165b3cfcd8e604e70192865b9dcb3a12f3306e3b Mon Sep 17 00:00:00 2001
From: lyfO_o <764716047@qq.com>
Date: 星期五, 01 七月 2022 14:34:07 +0800
Subject: [PATCH] 调整

---
 safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/exception/GlobalExceptionHandler.java   |   28 ++++++++++++++++++++++++++++
 safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/TokenAuthenticationFilter.java |   13 ++++++-------
 safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/WebSecurityConfig.java         |    2 --
 3 files changed, 34 insertions(+), 9 deletions(-)

diff --git a/safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/exception/GlobalExceptionHandler.java b/safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/exception/GlobalExceptionHandler.java
index a8493d2..75b7c2f 100644
--- a/safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/exception/GlobalExceptionHandler.java
+++ b/safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/exception/GlobalExceptionHandler.java
@@ -7,6 +7,8 @@
 import com.gkhy.safePlatform.commons.vo.ResultVO;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.security.access.AccessDeniedException;
+import org.springframework.security.core.AuthenticationException;
 import org.springframework.web.bind.annotation.ControllerAdvice;
 import org.springframework.web.bind.annotation.ExceptionHandler;
 import org.springframework.web.bind.annotation.ResponseBody;
@@ -38,6 +40,32 @@
         return new ResultVO(e.getError());
     }
 
+
+    /**
+     * @Description: AuthenticationException
+     */
+
+    @ResponseBody
+    @ExceptionHandler(value = AuthenticationException.class)
+    public ResultVO CHandler(AuthenticationException e) {
+        logger.warn(e.getMessage());
+        return new ResultVO(ResultCodes.CLIENT_PERMISSION_NOT_ALLOW);
+    }
+
+
+    /**
+     * @Description: AuthenticationException
+     */
+
+    @ResponseBody
+    @ExceptionHandler(value = AccessDeniedException.class)
+    public ResultVO DHandler(AccessDeniedException e) {
+        logger.warn(e.getMessage());
+        return new ResultVO(ResultCodes.CLIENT_PERMISSION_NOT_ALLOW);
+
+    }
+
+
     /**
      * 系统错误异常
      */
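Review bot: The two `@ExceptionHandler` methods added here only see exceptions raised while a controller is being dispatched, so they do not replace the `http.exceptionHandling().authenticationEntryPoint(...).accessDeniedHandler(...)` line that the WebSecurityConfig hunk of this commit removes. Denials produced in the filter chain by `anyRequest().authenticated()` are translated by Spring Security's ExceptionTranslationFilter before any `@ControllerAdvice` runs, so they would now fall back to the framework's default responses; keep the entry point and access-denied handler registered and treat these handlers as extra coverage for method-level checks. Both handlers also return `ResultCodes.CLIENT_PERMISSION_NOT_ALLOW`, so a client cannot tell a missing or expired login from insufficient privilege; if ResultCodes has a distinct not-logged-in code (not visible here), use it in `CHandler`. The Javadoc above `DHandler` still reads `AuthenticationException` and should say `AccessDeniedException`.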
diff --git a/safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/TokenAuthenticationFilter.java b/safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/TokenAuthenticationFilter.java
index 874b46f..a6ba791 100644
--- a/safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/TokenAuthenticationFilter.java
+++ b/safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/TokenAuthenticationFilter.java
@@ -3,6 +3,7 @@
 import com.alibaba.fastjson.JSONArray;
 import com.alibaba.fastjson.JSONObject;
 import com.gkhy.safePlatform.account.rpc.apimodel.UserAccountService;
+import com.gkhy.safePlatform.commons.co.CacheAuthority;
 import com.gkhy.safePlatform.commons.co.CacheUser;
 import com.gkhy.safePlatform.commons.enums.RedisKeyEnum;
 import com.gkhy.safePlatform.commons.enums.ResultCodes;
@@ -54,11 +55,7 @@
         } catch (BusinessException e) {
             // 返回异常
             this.writeJSON(req, resp, new ResultVO<>(e.getError()));
-        } catch (Exception e) {
-            e.printStackTrace();
-            this.writeJSON(req, resp, new ResultVO<>(ResultCodes.SERVER_ERROR));
         }
-
 
     }
 
@@ -93,13 +90,15 @@
                 // 3.redis获取权限
                 String authoritiesKey = RedisKeyEnum.authKey(RedisKeyEnum.AUTH_AUTHORITIES, userId);
                 String oo = userAccountService.getValueByKeyFromRedis(authoritiesKey);
-                List<GrantedAuthority> authorities;
+                List<GrantedAuthority> authorities = new ArrayList<>();
                 // 4.redis中是否存在
                 if (oo != null) {
                     // 5.存在
-                    authorities = JSONArray.parseArray(oo, GrantedAuthority.class);
+                    List<CacheAuthority> cacheAuthorities = JSONArray.parseArray(oo, CacheAuthority.class);
+                    for (CacheAuthority cacheAuthority: cacheAuthorities) {
+                        authorities.add(new SimpleGrantedAuthority(cacheAuthority.getAuthority()));
+                    }
                 }else {
-                    authorities = new ArrayList<>();
                     // 6.不存在=>数据库查询
                     String roleCode = userAccountService.getUserRoleCodeByUserId(userId);
                     // role
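Review bot: The new loop dereferences `cacheAuthorities` without a null check, and fastjson's `parseArray` can return null (for example when the cached text is the literal `null`), while `new SimpleGrantedAuthority(...)` rejects a null or empty authority string. Because this commit also removes the `catch (Exception e)` fallback in the filter's earlier hunk, a malformed or stale Redis entry would apparently now leave the filter as an unhandled exception instead of a `SERVER_ERROR` JSON reply. Guard the loop with `if (cacheAuthorities != null)` and skip entries whose `getAuthority()` is blank, or treat an unparsable value as a cache miss and fall through to the database lookup. The enclosing method starts and ends outside this hunk, so how the `else` branch repopulates the cache is not visible.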
diff --git a/safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/WebSecurityConfig.java b/safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/WebSecurityConfig.java
index 3c6ef70..7bd4a36 100644
--- a/safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/WebSecurityConfig.java
+++ b/safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/WebSecurityConfig.java
@@ -50,8 +50,6 @@
         http.headers().cacheControl();
         // jwt过滤器
         http.addFilterBefore(tokenAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
-        // 没有登录,没有权限 => 自定义返回
-        http.exceptionHandling().authenticationEntryPoint(authenticationEntryPoint).accessDeniedHandler(accessDeniedHandler);
         // 请求认证访问
         http.authorizeRequests().anyRequest().authenticated();
         // 允许跨域访问

--
Gitblit v1.9.2