RoleAdministrators 权限控制

2026-05-14 20:50:14 +08:00 · 2020-10-31 21:54:13 +08:00
parent 4c772d7a70
commit 83887ca2ff
5 changed files with 47 additions and 32 deletions
--- a/maxkey-web-manage/src/main/java/org/maxkey/web/interceptor/PermissionAdapter.java
+++ b/maxkey-web-manage/src/main/java/org/maxkey/web/interceptor/PermissionAdapter.java
@@ -17,22 +17,19 @@

 package org.maxkey.web.interceptor;

-import java.util.ArrayList;
 import java.util.concurrent.ConcurrentHashMap;

 import javax.servlet.RequestDispatcher;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;

+import org.maxkey.authn.BasicAuthentication;
 import org.maxkey.configuration.ApplicationConfig;
 import org.maxkey.web.WebContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.stereotype.Component;
 import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
 /**
@@ -52,11 +49,6 @@ public class PermissionAdapter extends HandlerInterceptorAdapter {
 	
 	static  ConcurrentHashMap<String ,String >navigationsMap=null;
 	
-	static  ArrayList<GrantedAuthority> grantedAuthoritys = new ArrayList<GrantedAuthority>();
-	static {
-	    grantedAuthoritys.add(new SimpleGrantedAuthority("ADMINISTRATORS"));
-	}
-	
 	/*
 	 * 请求前处理
 	 *  (non-Javadoc)
@@ -74,20 +66,14 @@ public class PermissionAdapter extends HandlerInterceptorAdapter {
            dispatcher.forward(request, response);
            return false;
        }
-	        
-		 boolean isGrantedAuthority = false;
-		 for(GrantedAuthority grantedAuthority : grantedAuthoritys) {
-		     if(WebContext.getAuthentication().getAuthorities().contains(grantedAuthority)) {
-		         isGrantedAuthority = true;
-		         _logger.trace("ADMINISTRATORS Authentication .");
-		     }
-		 }
-		 
-		 if(!isGrantedAuthority) {
-		     RequestDispatcher dispatcher = request.getRequestDispatcher("/logout");
-	            dispatcher.forward(request, response);
-	            return false;
-		 }
+        
+        //非管理员用户直接注销
+        if (!((BasicAuthentication) WebContext.getAuthentication().getPrincipal()).isRoleAdministrators()) {
+            _logger.debug("Not ADMINISTRATORS Authentication .");
+            RequestDispatcher dispatcher = request.getRequestDispatcher("/logout");
+            dispatcher.forward(request, response);
+            return false;
+        }
 		
 		boolean hasAccess=true;