Skip to content

Commit

Permalink
@inner在类上时,inner为空。必须获取类上的
Browse files Browse the repository at this point in the history
  • Loading branch information
zhangxinjie committed Jul 28, 2023
1 parent e427126 commit 29840e4
Showing 1 changed file with 6 additions and 6 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -25,14 +25,15 @@
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.springframework.core.Ordered;
import org.springframework.core.annotation.AnnotationUtils;
import org.springframework.security.access.AccessDeniedException;

import javax.servlet.http.HttpServletRequest;

/**
* @author lengleng
* @date 2022-06-04
*
* <p>
* 服务间接口不鉴权处理逻辑
*/
@Slf4j
Expand All @@ -46,11 +47,10 @@ public class PigSecurityInnerAspect implements Ordered {
@Before("@within(inner) || @annotation(inner)")
public void around(JoinPoint point, Inner inner) {
// 实际注入的inner实体由表达式后一个注解决定,即是方法上的@Inner注解实体,若方法上无@Inner注解,则获取类上的
// 这段代码没有意义,拦截的就是@Inner注解,怎么会为null呢
// if (inner == null) {
// Class<?> clazz = point.getTarget().getClass();
// inner = AnnotationUtils.findAnnotation(clazz, Inner.class);
// }
if (inner == null) {
Class<?> clazz = point.getTarget().getClass();
inner = AnnotationUtils.findAnnotation(clazz, Inner.class);
}
String header = request.getHeader(SecurityConstants.FROM);
if (inner.value() && !SecurityConstants.FROM_IN.equals(header)) {
log.warn("访问接口 {} 没有权限", point.getSignature().getName());
Expand Down

0 comments on commit 29840e4

Please sign in to comment.