From 29840e449fa2964dc8169662b82b1778f05fee39 Mon Sep 17 00:00:00 2001 From: zhangxinjie Date: Fri, 28 Jul 2023 15:06:19 +0800 Subject: [PATCH] =?UTF-8?q?@Inner=E5=9C=A8=E7=B1=BB=E4=B8=8A=E6=97=B6?= =?UTF-8?q?=EF=BC=8Cinner=E4=B8=BA=E7=A9=BA=E3=80=82=E5=BF=85=E9=A1=BB?= =?UTF-8?q?=E8=8E=B7=E5=8F=96=E7=B1=BB=E4=B8=8A=E7=9A=84?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../security/component/PigSecurityInnerAspect.java | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/pig-common/pig-common-security/src/main/java/com/pig4cloud/pig/common/security/component/PigSecurityInnerAspect.java b/pig-common/pig-common-security/src/main/java/com/pig4cloud/pig/common/security/component/PigSecurityInnerAspect.java index 42f2ff1f1..9a63bec94 100644 --- a/pig-common/pig-common-security/src/main/java/com/pig4cloud/pig/common/security/component/PigSecurityInnerAspect.java +++ b/pig-common/pig-common-security/src/main/java/com/pig4cloud/pig/common/security/component/PigSecurityInnerAspect.java @@ -25,6 +25,7 @@ import org.aspectj.lang.annotation.Aspect; import org.aspectj.lang.annotation.Before; import org.springframework.core.Ordered; +import org.springframework.core.annotation.AnnotationUtils; import org.springframework.security.access.AccessDeniedException; import javax.servlet.http.HttpServletRequest; @@ -32,7 +33,7 @@ /** * @author lengleng * @date 2022-06-04 - * + *

* 服务间接口不鉴权处理逻辑 */ @Slf4j @@ -46,11 +47,10 @@ public class PigSecurityInnerAspect implements Ordered { @Before("@within(inner) || @annotation(inner)") public void around(JoinPoint point, Inner inner) { // 实际注入的inner实体由表达式后一个注解决定,即是方法上的@Inner注解实体,若方法上无@Inner注解,则获取类上的 - // 这段代码没有意义,拦截的就是@Inner注解,怎么会为null呢 - // if (inner == null) { - // Class clazz = point.getTarget().getClass(); - // inner = AnnotationUtils.findAnnotation(clazz, Inner.class); - // } + if (inner == null) { + Class clazz = point.getTarget().getClass(); + inner = AnnotationUtils.findAnnotation(clazz, Inner.class); + } String header = request.getHeader(SecurityConstants.FROM); if (inner.value() && !SecurityConstants.FROM_IN.equals(header)) { log.warn("访问接口 {} 没有权限", point.getSignature().getName());