1 package com.supwisdom.institute.backend.admin.bff.security.web.access.intercept;
3 import java.util.ArrayList;
4 import java.util.Collection;
5 import java.util.HashMap;
6 import java.util.Iterator;
7 import java.util.LinkedHashMap;
10 import javax.servlet.http.HttpServletRequest;
12 import org.springframework.beans.factory.annotation.Autowired;
13 import org.springframework.security.access.ConfigAttribute;
14 import org.springframework.security.access.SecurityConfig;
15 import org.springframework.security.web.FilterInvocation;
16 import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
17 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
18 import org.springframework.security.web.util.matcher.RequestMatcher;
20 import lombok.extern.slf4j.Slf4j;
23 public class MyFilterInvocationSecurityMetadataSource implements FilterInvocationSecurityMetadataSource {
26 // User1SecurityPermissionRemoteService user1SecurityPermissionRemoteService;
// Cache of request matcher -> required role attributes. null means "not loaded yet";
// both loadRequestMap and getAttributes test for it.
// NOTE(review): the field is not volatile, and as far as this listing shows getAttributes
// reads it without taking the class lock that loadRequestMap holds. A reload running
// concurrently with a request therefore has no visibility guarantee, and a reset between
// two reads of the field could surface as a NullPointerException — confirm against the full file.
28 private Map<RequestMatcher, Collection<ConfigAttribute>> requestMap = null;
// Entry point for reloading the permission cache; logs the call.
// NOTE(review): only the log statement is visible in this listing. Presumably the remaining
// lines reset requestMap and call loadRequestMap — confirm against the full file.
30 public void refreshRequestMap() {
32 log.info("MyFilterInvocationSecurityMetadataSource.refreshRequestMap");
// Builds requestMap once, under a class-wide lock, if it has not been built yet.
// SECURITY NOTE(review): every statement that would fill the map (remote permission lookup,
// role-id -> role-code mapping, matcher registration) is commented out below, so as shown the
// map is created empty. Spring Security's AbstractSecurityInterceptor treats a request that has
// no ConfigAttributes as a public invocation unless rejectPublicInvocations is enabled, so an
// empty map would mean this source role-checks no URL — confirm access is enforced elsewhere.
38 private void loadRequestMap() {
39 synchronized (MyFilterInvocationSecurityMetadataSource.class) {
// Re-check inside the lock so that only one thread builds the map.
41 if (requestMap == null) {
// LinkedHashMap keeps insertion order, which is the order getAttributes tries the matchers in.
42 requestMap = new LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>>();
// --- disabled: load roles, role-permission links and permissions for this application ---
44 // String applicationCode = Constants.APPLICATION_CODE;
45 // SecurityPermission securityPermission = user1SecurityPermissionRemoteService.loadPermissionsByAppcode(applicationCode, null);
46 // if (securityPermission == null) {
50 // Map<String, String> mapRoles = new HashMap<String, String>();
51 // for (Role r : securityPermission.getRoles()) {
52 // mapRoles.put(r.getId(), r.getCode());
55 // Map<String, Collection<ConfigAttribute>> permissionRoles = new HashMap<String, Collection<ConfigAttribute>>();
56 // for (RolePermission rp : securityPermission.getRolePermissions()) {
57 // if (mapRoles.containsKey(rp.getRoleId())) {
58 // if (!permissionRoles.containsKey(rp.getPermissionId())) {
59 // permissionRoles.put(rp.getPermissionId(), new ArrayList<ConfigAttribute>());
61 // ConfigAttribute ca = new SecurityConfig(mapRoles.get(rp.getRoleId()));
62 // permissionRoles.get(rp.getPermissionId()).add(ca);
66 // for (Permission p : securityPermission.getPermissions()) {
67 // Collection<ConfigAttribute> attributes = permissionRoles.get(p.getId());
68 // if (attributes == null) {
69 // attributes = new ArrayList<ConfigAttribute>();
72 // if (p.getUrl() == null || p.getUrl().isEmpty()) {
76 // String pattern = p.getUrl();
77 // String httpMethod = null;
// NOTE(review): if re-enabled, only GET/POST/PUT/DELETE prefixes are split off the URL. A rule
// written for any other verb keeps the verb inside the Ant pattern and is unlikely to match a
// real request path, so it would silently not apply. A rule with no prefix leaves httpMethod
// null, which AntPathRequestMatcher treats as "any method".
79 // if (pattern.startsWith("GET ") || pattern.startsWith("POST ") || pattern.startsWith("PUT ") || pattern.startsWith("DELETE ")) {
80 // httpMethod = pattern.substring(0, pattern.indexOf(" "));
81 // pattern = pattern.substring(pattern.indexOf(" ")+1);
84 // AntPathRequestMatcher requestMatcher = new AntPathRequestMatcher(pattern, httpMethod);
// NOTE(review): getAttributes returns the first matcher that accepts the request, so the order
// in which permissions are put here decides which rule wins when patterns overlap.
86 // requestMap.put(requestMatcher, attributes);
94 * Returns all role codes ({@link SecurityConfig}) associated with the current request, for comparison with the role codes held by the user.
// Looks up the role attributes required for the request carried by `object`.
// `object` is cast to FilterInvocation without a type check. Matchers are tried in the map's
// iteration order and the attributes of the first matcher that accepts the request are returned.
// SECURITY NOTE(review): the no-match return is not visible in this listing. If it is null or
// empty, Spring Security's interceptor treats the request as public (unless
// rejectPublicInvocations is enabled), i.e. URLs with no mapping fail open — confirm this is intended.
97 public Collection<ConfigAttribute> getAttributes(Object object) throws IllegalArgumentException {
// Lazy initialisation; the body of this branch is not shown (presumably it calls loadRequestMap).
99 if (requestMap == null) {
103 HttpServletRequest request = ((FilterInvocation) object).getHttpRequest();
105 RequestMatcher requestMatcher;
106 for (Iterator<RequestMatcher> iter = requestMap.keySet().iterator(); iter.hasNext();) {
107 requestMatcher = iter.next();
// First match wins: later matchers are not consulted once one accepts the request.
109 if (requestMatcher.matches(request)) {
// requestMap is read again here rather than through a local snapshot of the map.
110 return requestMap.get(requestMatcher);
// The body is not visible in this listing. Per the Spring Security SecurityMetadataSource
// contract, this method returns every ConfigAttribute the source defines, or null when
// enumeration is unsupported; the interceptor uses it only for start-up validation.
118 public Collection<ConfigAttribute> getAllConfigAttributes() {
124 public boolean supports(Class<?> clazz) {