实现权限验证拦截器

  1. @Component
  2. public class PermissionScopeInterceptor extends BaseBffPermissionScopeHandlerInterceptorAdapter {
  4.     @Override
  5.     protected void assemblePermissionScopeData(Collection<PermissionScopeData> collection) {
  6.         // TODO 调用服务拼装更多的权限和数据范围定义用于验证,具体参考代码示例
  7.     }
  9.     @Override
  10.     protected boolean validatePermissionWithoutScope(PermissionScopeData permissionScopeData) {
  11.         Long userId = ClientRequestContextHolder.current().getUserId();
  12.         String permissionKey = permissionScopeData.getPermissionKey();
  13.         // TODO 验证用户是否有权限
  14.     }
  16. }

MVC 配置拦截器

自定义实现数据范围验证器

  2. /**
  3.  * 验证组织数据范围
  4.  */
  5. @Component
  6. public class OrgPermissionScopeValidator implements PermissionScopeValidator {
  8.     @Override
  9.     public boolean validate(PermissionScopeData permissionScopeData) {
  10.         Long userId = ClientRequestContextHolder.current().getUserId();
  12.         // TODO 进行实际验证,具体参考代码示例
  14.         return true;
  15.     }
  17. }

注册自定义验证器

  1. @Configuration
  2. public class PermissionScopeConfig {
  4.     @Autowired
  5.     private OrgPermissionScopeValidator orgPermissionScopeValidator;
  7.     @Bean
  8.     protected PermissionScopeValidatorMapping permissionScopeValidatorMapping() {
  9.         PermissionScopeValidatorMapping mapping = new PermissionScopeValidatorMapping();
  11.         // 添加各种 scopeType 实现
  12.         mapping.add(ScopeConstants.SCOPE_TYPE_ORG, orgPermissionScopeValidator);
  14.         return mapping;
  15.     }
  17. }