* 增加状态码9999，缓存失效

2019-08-09 16:33:40 +08:00 · 2019-08-09 16:33:40 +08:00 · 7cfc784489
parent 62dc1bfe1d
commit 7cfc784489
4 changed files with 31 additions and 2 deletions
--- a/diboot-core/src/main/java/com/diboot/core/vo/Status.java
+++ b/diboot-core/src/main/java/com/diboot/core/vo/Status.java
@ -55,7 +55,12 @@ public enum Status {
    /***
     * 系统异常
     */
-    FAIL_EXCEPTION(5000, "系统异常");
+    FAIL_EXCEPTION(5000, "系统异常"),
+
+    /***
+     * 系统异常
+     */
+    MEMORY_EMPTY_LOST(9999, "缓存清空");

    private int code;
    private String label;
--- a/diboot-example/src/main/java/com/diboot/example/handle/ExceptionHandler.java
+++ b/diboot-example/src/main/java/com/diboot/example/handle/ExceptionHandler.java
@ -0,0 +1,14 @@
+package com.diboot.example.handle;
+
+import com.diboot.core.handle.DefaultExceptionHandler;
+import org.springframework.web.bind.annotation.ControllerAdvice;
+
+/**
+ *
+ * @author : wee
+ * @version : v 1.0
+ * @Date 2019-08-09  13:54
+ */
+@ControllerAdvice
+public class ExceptionHandler extends DefaultExceptionHandler {
+}
--- a/diboot-shiro/src/main/java/com/diboot/shiro/authz/handler/AuthorizationWrapperAnnotationHandler.java
+++ b/diboot-shiro/src/main/java/com/diboot/shiro/authz/handler/AuthorizationWrapperAnnotationHandler.java
@ -1,10 +1,13 @@
 package com.diboot.shiro.authz.handler;

+import com.diboot.core.exception.BusinessException;
 import com.diboot.core.util.S;
 import com.diboot.core.util.V;
+import com.diboot.core.vo.Status;
 import com.diboot.shiro.authz.annotation.AuthorizationPrefix;
 import com.diboot.shiro.authz.annotation.AuthorizationWrapper;
 import com.diboot.shiro.authz.properties.AuthorizationProperties;
+import org.apache.shiro.SecurityUtils;
 import org.apache.shiro.aop.AnnotationResolver;
 import org.apache.shiro.aop.MethodInvocation;
 import org.apache.shiro.authz.AuthorizationException;
@ -58,10 +61,14 @@ public class AuthorizationWrapperAnnotationHandler extends AuthorizingAnnotation
     * 校验注解{@link AuthorizationWrapper}
     */
    public void assertAuthorized(AnnotationResolver resolver, MethodInvocation mi) throws AuthorizationException {
+        //检查缓存
+        Subject subject = SecurityUtils.getSubject();
+        if (V.isEmpty(subject) || V.isEmpty(subject.getPrincipals())) {
+            throw new BusinessException(Status.MEMORY_EMPTY_LOST);
+        }
        //如果方法上存在AuthorizationWrapper注解，那么resolver.getAnnotation()获取的是AuthorizationWrapper注解，会优先从缓存读取
        AuthorizationWrapper authorizationWrapper = (AuthorizationWrapper)resolver.getAnnotation(mi, AuthorizationWrapper.class);
        String[] perms = getAnnotationValue(authorizationWrapper);
-        Subject subject = getSubject();
        //当系统配置的所有权限角色集合 ： 如果当前用户包含其中任意一个角色，直接允许访问，否则对当前用户进行资源校验
        if (V.notEmpty(authorizationProperties.getHasAllPermissionsRoleList())) {
            for (String role : authorizationProperties.getHasAllPermissionsRoleList()) {
--- a/diboot-shiro/src/main/java/com/diboot/shiro/jwt/BaseJwtAuthenticationFilter.java
+++ b/diboot-shiro/src/main/java/com/diboot/shiro/jwt/BaseJwtAuthenticationFilter.java
@ -1,10 +1,13 @@
 package com.diboot.shiro.jwt;

+import com.diboot.core.exception.BusinessException;
 import com.diboot.core.util.JSON;
 import com.diboot.core.util.V;
 import com.diboot.core.vo.JsonResult;
 import com.diboot.core.vo.Status;
 import com.diboot.shiro.util.JwtHelper;
+import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.subject.Subject;
 import org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;