| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465 |
- package com.aizuda.boot.config;
- import com.aizuda.boot.system.service.ISysResourceApiService;
- import com.aizuda.service.web.UserSession;
- import com.baomidou.kisso.SSOAuthorization;
- import com.baomidou.kisso.security.token.SSOToken;
- import com.github.benmanes.caffeine.cache.Cache;
- import com.github.benmanes.caffeine.cache.Caffeine;
- import jakarta.annotation.Resource;
- import org.apache.commons.collections.CollectionUtils;
- import org.springframework.stereotype.Component;
- import java.util.List;
- import java.util.concurrent.TimeUnit;
- /**
- * 权限授权处理器
- *
- * @author 青苗
- * @since 2021-11-16
- */
- @Component
- public class Authorization implements SSOAuthorization {
- @Resource
- private ISysResourceApiService sysResourceApiService;
- /**
- * 用户权限编码列表缓存 15 分钟
- */
- protected Cache<Long, List<String>> codeListCache = Caffeine.newBuilder()
- .expireAfterWrite(15, TimeUnit.MINUTES)
- .maximumSize(1000)
- .build();
- /**
- * 用户权限编码校验缓存 5 分钟
- */
- protected Cache<String, Boolean> codeCache = Caffeine.newBuilder()
- .expireAfterWrite(5, TimeUnit.MINUTES)
- .maximumSize(6000)
- .build();
- @Override
- public boolean isPermitted(SSOToken token, String permission) {
- Long userId = Long.valueOf(token.getId());
- if (UserSession.isAdmin(userId)) {
- // 超级管理员免鉴权
- return true;
- }
- final String key = userId + permission;
- Boolean legalKey = codeCache.getIfPresent(key);
- if (null != legalKey) {
- return legalKey;
- }
- List<String> codeList = codeListCache.getIfPresent(userId);
- if (CollectionUtils.isEmpty(codeList)) {
- codeList = sysResourceApiService.listCodesByUserId(userId);
- codeListCache.put(userId, codeList);
- }
- // 判断当前权限编码是否存在
- legalKey = codeList.contains(permission);
- codeCache.put(key, legalKey);
- return legalKey;
- }
- }
|
